• Registrarse
  • Iniciar sesión


  • Página 2 de 3 PrimeroPrimero 123 ÚltimoÚltimo
    Resultados 11 al 20 de 23

    Protección contra spyware y software no deseado desactivada

    ComboFix 17-10-17.01 - camila 20/10/2017 14:04:40.2.2 - x86 Running from: c:\users\camila\Desktop\ComboFix.exe Command switches used :: c:\users\camila\Desktop\CFScript.txt * Created a new restore point . FILE :: "c:\windows\System32\drivers\Bfilter.sys" "c:\windows\System32\drivers\Bfmon.sys" "c:\windows\System32\drivers\Bhbase.sys" "c:\windows\System32\drivers\BHipsEx.sys" "c:\windows\system32\drivers\bnbasex.sys" "c:\windows\System32\drivers\bndef.sys" "c:\windows\System32\drivers\Bprotect.sys" . . ((((((((((((((((((((((((((((((((((((((( ...

    1. #11
      Usuario Avatar de Camila06
      Registrado
      sep 2017
      Ubicación
      Argentina
      Mensajes
      12

      Re: Protección contra spyware y software no deseado desactivada

      ComboFix 17-10-17.01 - camila 20/10/2017 14:04:40.2.2 - x86
      Running from: c:\users\camila\Desktop\ComboFix.exe
      Command switches used :: c:\users\camila\Desktop\CFScript.txt
      * Created a new restore point
      .
      FILE ::
      "c:\windows\System32\drivers\Bfilter.sys"
      "c:\windows\System32\drivers\Bfmon.sys"
      "c:\windows\System32\drivers\Bhbase.sys"
      "c:\windows\System32\drivers\BHipsEx.sys"
      "c:\windows\system32\drivers\bnbasex.sys"
      "c:\windows\System32\drivers\bndef.sys"
      "c:\windows\System32\drivers\Bprotect.sys"
      .
      .
      ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      c:\users\Public\Downloads\Norton
      c:\users\Public\Downloads\Norton\{NIS2250215-SHPD-FSD51083}\2014Plugin.dll
      c:\users\Public\Downloads\Norton\{NIS2250215-SHPD-FSD51083}\FSDPlugin.dll
      c:\users\Public\Downloads\Norton\{NIS2250215-SHPD-FSD51083}\FSDUI_Custom.exe
      c:\users\Public\Downloads\Norton\{NIS2250215-SHPD-FSD51083}\NIS-PPOEM-22.5.2.15.exe
      c:\users\Public\Downloads\Norton\{NIS2250215-SHPD-FSD51083}\symcdefs.exe
      c:\users\Public\Downloads\Norton\{NIS227132-PPO-FSD56093}\2015Plugin.dll
      c:\users\Public\Downloads\Norton\{NIS227132-PPO-FSD56093}\FSDPlugin.dll
      c:\users\Public\Downloads\Norton\{NIS227132-PPO-FSD56093}\NIS-PPOEM-Def-22.7.1.32.exe
      c:\users\Public\Downloads\Norton\{NIS228000-PPO-FSD56093}\2015Plugin.dll
      c:\users\Public\Downloads\Norton\{NIS228000-PPO-FSD56093}\FSDPlugin.dll
      c:\users\Public\Downloads\Norton\{NIS228000-PPO-FSD56093}\NIS_22.8.0.50_PPO_Other_15649.exe
      c:\users\Public\Downloads\Norton\{NIS228000-PPO-FSD56093}\symcdefs.exe
      .
      .
      ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      -------\Legacy_BFILTER
      -------\Legacy_BFMON
      -------\Legacy_BHBASE
      -------\Legacy_BNDEF
      -------\Legacy_BPROTECT
      -------\Service_Bfilter
      -------\Service_Bfmon
      -------\Service_Bhbase
      -------\Service_BHipsEx
      -------\Service_Bnbase
      -------\Service_Bndef
      -------\Service_Bprotect
      .
      .
      ((((((((((((((((((((((((( Files Created from 2017-09-20 to 2017-10-20 )))))))))))))))))))))))))))))))
      .
      .
      2017-10-20 17:15 . 2017-10-20 18:19 -------- d-----w- c:\users\camila\AppData\Local\temp
      2017-10-20 17:15 . 2017-10-20 17:15 -------- d-----w- c:\users\Invitado\AppData\Local\temp
      2017-10-20 17:15 . 2017-10-20 17:15 -------- d-----w- c:\users\Default\AppData\Local\temp
      2017-10-20 16:57 . 2017-10-20 16:57 -------- d-----w- c:\programdata\SWCUTemp
      2017-10-16 23:06 . 2017-10-16 23:06 -------- d-----w- c:\program files\ESET
      2017-10-07 21:13 . 2017-10-06 16:22 84032 ----a-w- c:\windows\system32\drivers\aswHdsKe.sys
      2017-10-06 17:49 . 2017-10-06 17:49 304816 ----a-w- c:\windows\system32\aswBoot.exe
      2017-10-02 14:38 . 2017-10-02 14:38 -------- d-----w- c:\users\Invitado\AppData\Roaming\AVAST Software
      2017-10-02 14:18 . 2017-10-02 14:18 -------- d-----w- c:\users\camila\AppData\Roaming\AVAST Software
      2017-10-02 14:17 . 2017-10-06 17:49 149824 ----a-w- c:\windows\system32\drivers\aswStm.sys
      2017-10-02 14:17 . 2017-10-06 17:49 297840 ----a-w- c:\windows\system32\drivers\aswVmm.sys
      2017-10-02 14:17 . 2017-10-06 17:49 99560 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
      2017-10-02 14:17 . 2017-10-06 17:49 70864 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
      2017-10-02 14:17 . 2017-10-06 17:49 499560 ----a-w- c:\windows\system32\drivers\aswSP.sys
      2017-10-02 14:17 . 2017-10-06 17:49 42856 ----a-w- c:\windows\system32\drivers\aswHwid.sys
      2017-10-02 14:17 . 2017-10-06 17:49 124952 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
      2017-10-02 14:17 . 2017-10-06 17:49 777952 ----a-w- c:\windows\system32\drivers\aswSnx.sys
      2017-10-02 14:17 . 2017-10-06 17:49 50384 ----a-w- c:\windows\system32\drivers\aswbunivx.sys
      2017-10-02 14:17 . 2017-10-06 17:49 276736 ----a-w- c:\windows\system32\drivers\aswblogx.sys
      2017-10-02 14:17 . 2017-10-06 17:48 157416 ----a-w- c:\windows\system32\drivers\aswbidshx.sys
      2017-10-02 14:17 . 2017-10-06 17:48 255624 ----a-w- c:\windows\system32\drivers\aswbidsdriverx.sys
      2017-10-02 14:12 . 2017-10-02 14:12 -------- d-----w- c:\program files\AVAST Software
      2017-10-02 03:23 . 2017-10-02 03:25 8250832 ----a-w- c:\users\camila\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Malwarebytes\adwcleaner_7.0.3.1.exe
      2017-10-02 03:18 . 2017-10-02 13:58 -------- d-----w- c:\program files\CCleaner
      2017-10-02 03:13 . 2017-10-02 03:13 1790024 ----a-w- c:\users\camila\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Malwarebytes\JRT.exe
      2017-10-02 03:13 . 2017-10-02 03:30 -------- d-----w- C:\AdwCleaner
      2017-09-24 22:19 . 2017-09-24 22:19 -------- d-----w- c:\program files\Keyboard Driver
      2017-09-22 15:44 . 2017-09-22 15:46 -------- d-----w- C:\KVRT_Data
      2017-09-22 15:36 . 2017-09-22 15:38 -------- d-----w- c:\users\camila\Pavark
      2017-09-22 14:15 . 2017-09-22 14:15 -------- d-----w- c:\programdata\Intel
      2017-09-22 14:14 . 2017-09-22 14:15 -------- d-----w- c:\program files\Intel Driver and Support Assistant
      .
      .
      .
      (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      2017-08-28 14:54 . 2017-08-28 14:54 0 ---ha-w- c:\users\camila\AppData\Local\BIT1A53.tmp
      2017-08-21 21:39 . 2013-03-07 21:31 803328 ----a-w- c:\windows\system32\FlashPlayerApp.exe
      2017-08-21 21:39 . 2013-03-07 21:31 144896 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
      2017-08-16 15:10 . 2017-09-15 23:37 629760 ----a-w- c:\windows\system32\usp10.dll
      2017-08-16 14:50 . 2017-09-15 23:37 2403328 ----a-w- c:\windows\system32\win32k.sys
      2017-08-15 15:10 . 2017-09-15 23:37 1499648 ----a-w- c:\windows\system32\ExplorerFrame.dll
      2017-08-14 17:35 . 2017-09-15 23:37 2150912 ----a-w- c:\windows\system32\mmcndmgr.dll
      2017-08-14 17:35 . 2017-09-15 23:37 303104 ----a-w- c:\windows\system32\mmcbase.dll
      2017-08-14 17:35 . 2017-09-15 23:37 128512 ----a-w- c:\windows\system32\mmcshext.dll
      2017-08-14 17:35 . 2017-09-15 23:37 172544 ----a-w- c:\windows\system32\cic.dll
      2017-08-13 21:30 . 2017-09-15 23:37 1401344 ----a-w- c:\windows\system32\mmc.exe
      2017-08-13 16:46 . 2017-09-15 23:37 2724864 ----a-w- c:\windows\system32\mshtml.tlb
      2017-08-13 16:45 . 2017-09-15 23:37 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
      2017-08-13 16:30 . 2017-09-15 23:37 62464 ----a-w- c:\windows\system32\iesetup.dll
      2017-08-13 16:29 . 2017-09-15 23:37 499200 ----a-w- c:\windows\system32\vbscript.dll
      2017-08-13 16:29 . 2017-09-15 23:37 47616 ----a-w- c:\windows\system32\ieetwproxystub.dll
      2017-08-13 16:29 . 2017-09-15 23:37 341504 ----a-w- c:\windows\system32\html.iec
      2017-08-13 16:28 . 2017-09-15 23:37 64000 ----a-w- c:\windows\system32\MshtmlDac.dll
      2017-08-13 16:18 . 2017-09-15 23:37 104960 ----a-w- c:\windows\system32\ieetwcollector.exe
      2017-08-13 16:17 . 2017-09-15 23:37 115712 ----a-w- c:\windows\system32\ieUnatt.exe
      2017-08-13 16:17 . 2017-09-15 23:37 620032 ----a-w- c:\windows\system32\jscript9diag.dll
      2017-08-13 16:10 . 2017-09-15 23:37 667648 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
      2017-08-13 16:01 . 2017-09-15 23:37 60416 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
      2017-08-13 16:01 . 2017-09-15 23:37 73216 ----a-w- c:\windows\system32\tdc.ocx
      2017-08-13 15:48 . 2017-09-15 23:37 4547072 ----a-w- c:\windows\system32\jscript9.dll
      2017-08-13 15:43 . 2017-09-15 23:37 2058752 ----a-w- c:\windows\system32\inetcpl.cpl
      2017-08-13 15:43 . 2017-09-15 23:37 1155072 ----a-w- c:\windows\system32\mshtmlmedia.dll
      2017-08-13 15:17 . 2017-09-15 23:37 2767872 ----a-w- c:\windows\system32\wininet.dll
      2017-08-11 06:24 . 2017-09-15 23:37 3945704 ----a-w- c:\windows\system32\ntoskrnl.exe
      2017-08-11 06:24 . 2017-09-15 23:37 4001000 ----a-w- c:\windows\system32\ntkrnlpa.exe
      2017-08-11 06:21 . 2017-09-15 23:37 1310528 ----a-w- c:\windows\system32\ntdll.dll
      2017-08-11 06:19 . 2017-09-15 23:37 497664 ----a-w- c:\windows\system32\win32spl.dll
      2017-08-11 06:19 . 2017-09-15 23:37 271360 ----a-w- c:\windows\system32\Wldap32.dll
      2017-08-11 06:19 . 2017-09-15 23:37 16384 ----a-w- c:\windows\system32\winnsi.dll
      2017-08-11 06:19 . 2017-09-15 23:37 171008 ----a-w- c:\windows\system32\winsrv.dll
      2017-08-11 06:19 . 2017-09-15 23:37 400896 ----a-w- c:\windows\system32\srcore.dll
      2017-08-11 06:19 . 2017-09-15 23:37 43008 ----a-w- c:\windows\system32\srclient.dll
      2017-08-11 06:19 . 2017-09-15 23:37 50176 ----a-w- c:\windows\system32\setbcdlocale.dll
      2017-08-11 06:19 . 2017-09-15 23:37 377344 ----a-w- c:\windows\system32\rpcss.dll
      2017-08-11 06:19 . 2017-09-15 23:37 299008 ----a-w- c:\windows\system32\ntprint.dll
      2017-08-11 06:19 . 2017-09-15 23:37 19968 ----a-w- c:\windows\system32\nsisvc.dll
      2017-08-11 06:19 . 2017-09-15 23:37 8704 ----a-w- c:\windows\system32\nsi.dll
      2017-08-11 06:19 . 2017-09-15 23:37 1417728 ----a-w- c:\windows\system32\ole32.dll
      2017-08-11 06:19 . 2017-09-15 23:37 26112 ----a-w- c:\windows\system32\oleres.dll
      2017-08-11 06:19 . 2017-09-15 23:37 781824 ----a-w- c:\windows\system32\localspl.dll
      2017-08-11 06:19 . 2017-09-15 23:37 294400 ----a-w- c:\windows\system32\KernelBase.dll
      2017-08-11 06:19 . 2017-09-15 23:37 126464 ----a-w- c:\windows\system32\inetpp.dll
      2017-08-11 06:19 . 2017-09-15 23:37 38912 ----a-w- c:\windows\system32\csrsrv.dll
      2017-08-11 06:19 . 2017-09-15 23:37 644096 ----a-w- c:\windows\system32\advapi32.dll
      2017-08-11 06:19 . 2017-09-15 23:37 6656 ----a-w- c:\windows\system32\apisetschema.dll
      2017-08-11 06:19 . 2017-09-15 23:37 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
      2017-08-11 06:19 . 2017-09-15 23:37 50688 ----a-w- c:\windows\system32\appidapi.dll
      2017-08-11 06:19 . 2017-09-15 23:37 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
      2017-08-11 06:19 . 2017-09-15 23:37 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
      2017-08-11 06:19 . 2017-09-15 23:37 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
      2017-08-11 06:19 . 2017-09-15 23:37 4096 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
      2017-08-11 06:19 . 2017-09-15 23:37 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
      2017-08-11 06:19 . 2017-09-15 23:37 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
      2017-08-11 06:19 . 2017-09-15 23:37 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
      2017-08-11 06:19 . 2017-09-15 23:37 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
      2017-08-11 06:19 . 2017-09-15 23:37 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
      2017-08-11 06:19 . 2017-09-15 23:37 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
      2017-08-11 06:19 . 2017-09-15 23:37 3584 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
      2017-08-11 06:19 . 2017-09-15 23:37 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
      2017-08-11 06:19 . 2017-09-15 23:37 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
      2017-08-11 06:19 . 2017-09-15 23:37 3072 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
      2017-08-11 06:19 . 2017-09-15 23:37 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
      2017-08-11 06:19 . 2017-09-15 23:37 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
      2017-08-11 06:19 . 2017-09-15 23:37 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
      2017-08-11 06:19 . 2017-09-15 23:37 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
      2017-08-11 06:19 . 2017-09-15 23:37 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
      2017-08-11 06:19 . 2017-09-15 23:37 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
      2017-08-11 06:19 . 2017-09-15 23:37 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
      2017-08-11 06:19 . 2017-09-15 23:37 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
      2017-08-11 06:19 . 2017-09-15 23:37 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
      2017-08-11 06:09 . 2017-09-15 23:37 39424 ----a-w- c:\windows\system32\wpnpinst.exe
      2017-08-11 06:09 . 2017-09-15 23:37 61952 ----a-w- c:\windows\system32\ntprint.exe
      2017-08-11 06:09 . 2017-09-15 23:37 18944 ----a-w- c:\windows\system32\inetppui.dll
      2017-08-11 06:09 . 2017-09-15 23:37 29696 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\winprint.dll
      2017-08-11 06:03 . 2017-09-15 23:37 26624 ----a-w- c:\windows\system32\netbtugc.exe
      2017-08-11 06:01 . 2017-09-15 23:37 7168 ----a-w- c:\windows\system32\comcat.dll
      2017-08-11 06:00 . 2017-09-15 23:37 97792 ----a-w- c:\windows\system32\appidpolicyconverter.exe
      2017-08-11 06:00 . 2017-09-15 23:37 16896 ----a-w- c:\windows\system32\appidcertstorecheck.exe
      2017-08-11 06:00 . 2017-09-15 23:37 50688 ----a-w- c:\windows\system32\drivers\appid.sys
      2017-08-11 06:00 . 2017-09-15 23:37 29696 ----a-w- c:\windows\system32\appidsvc.dll
      2017-08-11 05:58 . 2017-09-15 23:37 271360 ----a-w- c:\windows\system32\conhost.exe
      2017-08-11 05:58 . 2017-09-15 23:37 262656 ----a-w- c:\windows\system32\rstrui.exe
      2017-08-11 05:56 . 2017-09-15 23:37 311808 ----a-w- c:\windows\system32\drivers\srv.sys
      2017-08-11 05:56 . 2017-09-15 23:37 313856 ----a-w- c:\windows\system32\drivers\srv2.sys
      2017-08-11 05:56 . 2017-09-15 23:37 115712 ----a-w- c:\windows\system32\drivers\srvnet.sys
      2017-08-11 05:55 . 2017-09-15 23:37 188928 ----a-w- c:\windows\system32\drivers\netbt.sys
      2017-08-11 05:55 . 2017-09-15 23:37 17920 ----a-w- c:\windows\system32\drivers\nsiproxy.sys
      2017-08-11 05:55 . 2017-09-15 23:37 69632 ----a-w- c:\windows\system32\smss.exe
      2017-08-11 05:55 . 2017-09-15 23:37 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
      2017-08-11 05:55 . 2017-09-15 23:37 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
      2017-08-11 05:55 . 2017-09-15 23:37 3584 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
      2017-08-11 05:55 . 2017-09-15 23:37 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
      2017-07-29 14:50 . 2017-08-09 11:29 74752 ----a-w- c:\windows\system32\drivers\tdx.sys
      .
      .
      ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      *Note* empty entries & legit default entries are not shown
      REGEDIT4
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00asw]
      @="{472083B0-C522-11CF-8763-00608CC02F24}"
      [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
      2017-10-06 17:49 1395224 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
      .
      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "Spotify Web Helper"="c:\users\camila\AppData\Roaming\Spotify\SpotifyWebHelper.exe" [2017-09-14 777840]
      "CCleaner Monitoring"="c:\program files\CCleaner\CCleaner.exe" [2017-09-20 7685808]
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "AudioPower"="c:\program files\Positivo BGH\Positivo BGH Experience\Positivo BGH Audio Power\AudioPower.exe" [2011-05-25 687104]
      "SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2010-06-17 495708]
      "IAStorIcon"="c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-03-03 284696]
      "IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-06-17 138008]
      "Persistence"="c:\windows\system32\igfxpers.exe" [2011-06-17 172824]
      "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-03-11 1733928]
      "Monitor"="c:\windows\PixArt\PAC207\Monitor.exe" [2006-11-03 319488]
      "DSATray"="c:\program files\Intel Driver and Support Assistant\DsaTray.exe" [2017-09-18 131360]
      "AvastUI.exe"="c:\program files\AVAST Software\Avast\AvLaunch.exe" [2017-10-06 253344]
      .
      c:\users\Invitado\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
      Recorte de pantalla y Selector de OneNote 2010.lnk - c:\program files\Microsoft Office\Office14\ONENOTEM.EXE /tsr [2015-10-13 228552]
      .
      c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
      HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2009-9-20 270336]
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
      "ConsentPromptBehaviorAdmin"= 5 (0x5)
      "ConsentPromptBehaviorUser"= 3 (0x3)
      "EnableUIADesktopToggle"= 0 (0x0)
      "SoftwareSASGeneration"= 1 (0x1)
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
      "aux"=wdmaud.drv
      .
      [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^OSD.lnk]
      backup=c:\windows\pss\OSD.lnk.CommonStartup
      backupExtension=.CommonStartup
      path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\OSD.lnk
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GoogleChromeAutoLaunch_6A2B435AD68292963E66E188FD9BC54F]
      2017-09-21 04:57 1249624 ----a-w- c:\program files\Google\Chrome\Application\chrome.exe
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
      2013-05-30 17:50 96056 ----a-w- c:\program files\HP\HP Software Update\hpwuschd2.exe
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper]
      2017-09-14 21:08 777840 ----a-w- c:\users\camila\AppData\Roaming\Spotify\SpotifyWebHelper.exe
      .
      R1 ESProtectionDriver;Malwarebytes Anti-Exploit;c:\windows\system32\drivers\mbae.sys [x]
      R3 andnetadb;ADB Interface DriverNet;c:\windows\system32\Drivers\lgandnetadb.sys [2012-07-03 25856]
      R3 AndNetDiag;LGE AndroidNet USB Serial Port;c:\windows\system32\DRIVERS\lgandnetdiag.sys [2012-07-03 23040]
      R3 ANDNetModem;LGE AndroidNet USB Modem;c:\windows\system32\DRIVERS\lgandnetmodem.sys [2012-07-03 27776]
      R3 andnetndis;LGE AndroidNet NDIS Ethernet Adapter;c:\windows\system32\DRIVERS\lgandnetndis.sys [2012-07-04 73728]
      R3 aswbIDSAgent;aswbIDSAgent;c:\program files\AVAST Software\Avast\aswidsagent.exe [2017-10-06 5828816]
      R3 aswHdsKe;aswHdsKe;c:\windows\system32\drivers\aswHdsKe.sys [2017-10-06 84032]
      R3 aswHwid;aswHwid;c:\windows\system32\drivers\aswHwid.sys [2017-10-06 42856]
      R3 aswTap;avast! SecureLine TAP Adapter v3;c:\windows\system32\DRIVERS\aswTap.sys [2014-10-13 38984]
      R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2017-07-15 108032]
      R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2017-08-13 104960]
      R3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2017-07-15 148720]
      R3 JME;JMicron Ethernet Adapter NDIS6.20 Driver;c:\windows\system32\DRIVERS\JME.sys [2017-07-15 125456]
      R3 ksapi;ksapi;c:\windows\system32\drivers\ksapi.sys [2017-01-22 81768]
      R3 MBAMFarflt;MBAMFarflt;c:\windows\system32\DRIVERS\farflt.sys [x]
      R3 MBAMProtection;MBAMProtection;c:\windows\system32\DRIVERS\mbam.sys [x]
      R3 MBAMWebProtection;MBAMWebProtection;c:\windows\system32\DRIVERS\mwac.sys [x]
      R3 PAC207;SoC PC-Camera;c:\windows\system32\DRIVERS\PFC027.SYS [2006-12-05 507136]
      R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 14848]
      R3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;c:\windows\system32\DRIVERS\rtl8192Ce.sys [2011-10-06 1056360]
      R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2013-10-02 49152]
      R3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
      R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\users\Administrator\Desktop\bit\temperat\WinRing0.sys [x]
      R4 BatteryManagerSrv;Battery Manager Service;c:\program files\Positivo BGH\Positivo BGH Experience\Positivo BGH Battery Power\BatteryManagerService.exe [2011-05-26 45056]
      R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]
      S0 aswbidsh;aswbidsh;c:\windows\\SystemRoot\system32\drivers\aswbidshx.sys [x]
      S0 aswblog;aswblog;c:\windows\\SystemRoot\system32\drivers\aswblogx.sys [x]
      S0 aswbuniv;aswbuniv;c:\windows\\SystemRoot\system32\drivers\aswbunivx.sys [x]
      S0 aswRvrt;aswRvrt;c:\windows\\SystemRoot\system32\drivers\aswRvrt.sys [x]
      S0 aswVmm;aswVmm;c:\windows\\SystemRoot\system32\drivers\aswVmm.sys [x]
      S1 aswbidsdriver;aswbidsdriver;c:\windows\system32\drivers\aswbidsdriverx.sys [2017-10-06 255624]
      S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2017-10-06 777952]
      S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2017-10-06 499560]
      S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\system32\drivers\HWiNFO32.SYS [2017-07-15 23840]
      S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2017-10-06 124952]
      S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys [2017-10-06 149824]
      S2 cvhsvc;Client Virtualization Handler;c:\program files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2015-03-18 822496]
      S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe [2009-07-14 20992]
      S2 DSAService;Intel(R) Driver & Support Assistant;c:\program files\Intel Driver and Support Assistant\DSAService.exe [2017-09-18 22816]
      S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-03 13336]
      S2 sftlist;Application Virtualization Client;c:\program files\Microsoft Application Virtualization Client\sftlist.exe [2013-06-26 523944]
      S2 SoilIO;SoilIO; [x]
      S3 ETDSMBus;ETDSMBus;c:\windows\system32\DRIVERS\ETDSMBus.sys [2017-07-15 28744]
      S3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2010-03-15 127488]
      S3 PositivoAudioDriverWdm;Positivo Audio Driver (WDM);c:\windows\system32\DRIVERS\pad.sys [2011-05-03 52496]
      S3 RTWlanE;Realtek Wireless LAN 802.11n PCI-E Network Adapter;c:\windows\system32\DRIVERS\rtwlane.sys [2017-07-15 3175128]
      S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2013-06-26 583848]
      S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2013-06-26 197800]
      S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2013-06-26 24232]
      S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2013-06-26 20136]
      S3 sftvsa;Application Virtualization Service Agent;c:\program files\Microsoft Application Virtualization Client\sftvsa.exe [2013-06-26 207528]
      S3 soilkbc;soilkbc; [x]
      S3 SoilMC;SoilMC; [x]
      .
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
      LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr fdrespub AppIDSvc QWAVE wcncsvc SensrSvc
      HPService REG_MULTI_SZ HPSLPSVC
      HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
      hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
      utcsvc REG_MULTI_SZ DiagTrack
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
      2017-09-21 23:28 1450840 ----a-w- c:\program files\Google\Chrome\Application\61.0.3163.100\Installer\chrmstp.exe
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{A6EADE66-0000-0000-484E-7E8A45000000}]
      2017-07-31 22:31 324080 ----a-w- c:\program files\Adobe\Acrobat Reader DC\Esl\AiodLite.dll
      .
      Contents of the 'Scheduled Tasks' folder
      .
      2017-10-20 c:\windows\Tasks\HP Photo Creations Communicator.job
      - c:\users\camila\AppData\Roaming\HP Photo Creations\Communicator.exe [2017-01-27 15:50]
      .
      .
      ------- Supplementary Scan -------
      .
      uStart Page = https://www.google.com/?bcutc=sp-006
      mStart Page = https://www.google.com/?bcutc=sp-006
      mSearch Bar = https://www.google.com/?bcutc=sp-006
      uInternet Settings,ProxyServer = proxy.soc.unicen.edu.ar:8080
      IE: &Enviar a OneNote - c:\progra~1\MIF5BA~1\Office14\ONBttnIE.dll/105
      IE: E&xportar a Microsoft Excel - c:\progra~1\MIF5BA~1\Office14\EXCEL.EXE/3000
      TCP: DhcpNameServer = 192.168.96.4 192.168.96.1
      TCP: Interfaces\{6A8DFCB4-FB5E-4132-82B4-51C68C389972}: DhcpNameServer = 192.168.96.4 192.168.96.1
      TCP: Interfaces\{6A8DFCB4-FB5E-4132-82B4-51C68C389972}\14E64627F696461405: DhcpNameServer = 192.168.43.1
      TCP: Interfaces\{6A8DFCB4-FB5E-4132-82B4-51C68C389972}\743302354797C65737F563639373: DhcpNameServer = 192.168.43.1
      TCP: Interfaces\{6A8DFCB4-FB5E-4132-82B4-51C68C389972}\C47402B4964756F533337323: DhcpNameServer = 192.168.43.1
      TCP: Interfaces\{6A8DFCB4-FB5E-4132-82B4-51C68C389972}\D4F647F627F6C616: DhcpNameServer = 200.42.4.210 200.49.130.41
      .
      .
      --------------------- LOCKED REGISTRY KEYS ---------------------
      .
      [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
      @Denied: (A) (Users)
      @Denied: (A) (Everyone)
      @Allowed: (B 1 2 3 4 5) (S-1-5-20)
      "BlindDial"=dword:00000000
      .
      [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
      @Denied: (A) (Users)
      @Denied: (A) (Everyone)
      @Allowed: (B 1 2 3 4 5) (S-1-5-20)
      "BlindDial"=dword:00000000
      .
      [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
      @Denied: (A) (Users)
      @Denied: (A) (Everyone)
      @Allowed: (B 1 2 3 4 5) (S-1-5-20)
      "BlindDial"=dword:00000000
      .
      [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
      @Denied: (Full) (Everyone)
      .
      ------------------------ Other Running Processes ------------------------
      .
      c:\program files\AVAST Software\Avast\AvastSvc.exe
      c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
      c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
      c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
      c:\windows\system32\taskhost.exe
      c:\windows\system32\conhost.exe
      c:\program files\AVAST Software\Avast\AvastUI.exe
      c:\program files\Synaptics\SynTP\SynTPHelper.exe
      c:\program files\HP\Digital Imaging\bin\hpqSTE08.exe
      c:\program files\HP\Digital Imaging\bin\hpqbam08.exe
      c:\program files\HP\Digital Imaging\bin\hpqgpc01.exe
      c:\windows\system32\sppsvc.exe
      c:\program files\AVAST Software\Avast\AvastUI.exe
      c:\program files\AVAST Software\Avast\AvEmUpdate.exe
      .
      **************************************************************************
      .
      Completion time: 2017-10-20 15:25:38 - machine was rebooted
      ComboFix-quarantined-files.txt 2017-10-20 18:25
      ComboFix2.txt 2017-10-17 02:51
      .
      Pre-Run: 288.945.500.160 bytes libres
      Post-Run: 288.798.089.216 bytes libres
      .
      - - End Of File - - AEC947C408DF99E9EFA8923B24044462
      A36C5E4F47E84449FF07ED3517B43A31

      El centro de actividades no reconoce a avast como antivirus aunque avast dice estar activado y windows defender está desactivado, al intentar activarlo me abre una ventana con carpetas. Yo creo que más que un virus es un problema del centro de seguridad de windows.

    2. #12
      Moderador
      Avatar de @MiguelRiaguel
      Registrado
      dic 2008
      Ubicación
      España
      Mensajes
      12.064

      Re: Protección contra spyware y software no deseado desactivada

      Me gustaría tener algo más de información Por favor, realiza lo siguiente:

      Descarga Farbar Recovery Scan Tool.

      Selecciona la descarga de acuerdo a la arquitectura de tu Sistema Operativo. (32 0 64 bits)
      ¿Cómo saber si mi Windows es de 32 o 64 bits?

      • La guardas en el Escritorio >> Esto es muy importante..
      • Con todos los programas /ventanas cerrados, doble clic para ejecutar Frst.exe/Frst64.exe según el caso.
      • En la ventana del Disclaimer, presiona Yes.
      • En la nueva ventana que se abre, presiona el botón Scan y espera paciente a que concluya el análisis.
      • Se abrirán dos (2) archivos (Logs), Frst.txt y Addition.txt, estos estarán grabados en tu escritorio.
      • Para terminar abres los archivos Frst.txt y Addition.Txt copia y pega todo su contenido en tu próxima respuesta.
      • Utiliza dos o más mensajes si te dice que es muy largo.



      Esperamos esos reportes.


      Saludos
      El problema de los virus es pasajero y durará un par de años / John McAfee - fundador de McAfee

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    3. #13
      Usuario Avatar de Camila06
      Registrado
      sep 2017
      Ubicación
      Argentina
      Mensajes
      12

      Re: Protección contra spyware y software no deseado desactivada

      Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 26-10-2017
      Ran by camila (administrator) on CAMILA-PC-00 (25-10-2017 20:52:56)
      Running from C:\Users\camila\Desktop
      Loaded Profiles: camila (Available Profiles: camila & Invitado)
      Platform: Windows 7 Home Basic Service Pack 1 (X86) Language: Español (España, internacional)
      Internet Explorer Version 11 (Default browser: Chrome)
      Boot Mode: Normal
      Tutorial for Farbar Recovery Scan Tool: ***********************************************************************************************************

      ==================== Processes (Whitelisted) =================

      (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

      (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
      (Intel) C:\Program Files\Intel Driver and Support Assistant\DSAService.exe
      (Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
      (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
      (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
      (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
      (Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
      (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
      (AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
      (Microsoft) C:\Program Files\Positivo BGH\Positivo BGH Experience\Positivo BGH Audio Power\AudioPower.exe
      (IDT, Inc.) C:\Program Files\IDT\WDM\sttray.exe
      (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
      (Intel Corporation) C:\Windows\System32\igfxtray.exe
      (Intel Corporation) C:\Windows\System32\igfxpers.exe
      (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
      (PixArt Imaging Incorporation) C:\Windows\PixArt\Pac207\Monitor.exe
      (Intel) C:\Program Files\Intel Driver and Support Assistant\DSATray.exe
      (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
      (Spotify Ltd) C:\Users\camila\AppData\Roaming\Spotify\SpotifyWebHelper.exe
      (Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
      (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
      (Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
      (Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
      (Hewlett-Packard) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
      (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
      (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
      (Microsoft Corporation) C:\Windows\System32\rundll32.exe
      (Microsoft Corporation) C:\Windows\System32\dllhost.exe

      ==================== Registry (Whitelisted) ===========================

      (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

      HKLM\...\Run: [AudioPower] => C:\Program Files\Positivo BGH\Positivo BGH Experience\Positivo BGH Audio Power\AudioPower.exe [687104 2011-05-25] (Microsoft)
      HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray.exe [495708 2010-06-17] (IDT, Inc.)
      HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-03] (Intel Corporation)
      HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1733928 2010-03-11] (Synaptics Incorporated)
      HKLM\...\Run: [Monitor] => C:\windows\PixArt\PAC207\Monitor.exe [319488 2006-11-03] (PixArt Imaging Incorporation)
      HKLM\...\Run: [DSATray] => C:\Program Files\Intel Driver and Support Assistant\DsaTray.exe [131360 2017-09-18] (Intel)
      HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [253344 2017-10-21] (AVAST Software)
      HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
      HKU\S-1-5-21-2830203645-438559757-2077044639-1000\...\Run: [Spotify Web Helper] => C:\Users\camila\AppData\Roaming\Spotify\SpotifyWebHelper.exe [777840 2017-10-23] (Spotify Ltd)
      HKU\S-1-5-21-2830203645-438559757-2077044639-1000\Control Panel\Desktop\\SCRNSAVE.EXE ->
      Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2015-01-13]
      ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
      CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

      ==================== Internet (Whitelisted) ====================

      (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

      ProxyServer: [S-1-5-21-2830203645-438559757-2077044639-1000] => proxy.soc.unicen.edu.ar:8080
      AutoConfigURL: [S-1-5-21-2830203645-438559757-2077044639-1000] => proxy.soc.unicen.edu.ar:8080
      Tcpip\Parameters: [DhcpNameServer] 192.168.96.4 192.168.96.1
      Tcpip\..\Interfaces\{6A8DFCB4-FB5E-4132-82B4-51C68C389972}: [DhcpNameServer] 192.168.96.4 192.168.96.1

      Internet Explorer:
      ==================
      HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?bcutc=sp-006
      HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
      HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
      HKU\S-1-5-21-2830203645-438559757-2077044639-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
      HKU\S-1-5-21-2830203645-438559757-2077044639-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?bcutc=sp-006
      SearchScopes: HKLM -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
      SearchScopes: HKLM -> {7DFE3436-ECB4-4538-89D2-B78A653C4937} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MNMTDF&pc=MANM&src=IE-SearchBox
      SearchScopes: HKLM -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
      SearchScopes: HKU\S-1-5-21-2830203645-438559757-2077044639-1000 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
      SearchScopes: HKU\S-1-5-21-2830203645-438559757-2077044639-1000 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
      BHO: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20] (Hewlett-Packard Co.)
      BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-10-21] (AVAST Software)
      BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
      BHO: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files\Windows Live\Companion\companioncore.dll [2010-09-23] (Microsoft Corporation)
      BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
      BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20] (Hewlett-Packard Co.)
      Toolbar: HKU\S-1-5-21-2830203645-438559757-2077044639-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
      DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

      FireFox:
      ========
      FF HKU\S-1-5-21-2830203645-438559757-2077044639-1000\...\Firefox\Extensions: [[email protected]] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
      FF Extension: (HP Smart Web Printing) - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2015-01-13] [not signed]
      FF Plugin: @adobe.com/ShockwavePlayer -> C:\windows\system32\Adobe\Director\np32dsw_1225195.dll [2016-09-20] (Adobe Systems, Inc.)
      FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
      FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MIF5BA~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
      FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MIF5BA~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
      FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-09-23] (Microsoft Corporation)
      FF Plugin: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll [2011-02-21] (RocketLife, LLP)
      FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-08-21] (Google Inc.)
      FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-08-21] (Google Inc.)
      FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-07-31] (Adobe Systems Inc.)
      FF Plugin HKU\S-1-5-21-2830203645-438559757-2077044639-1000: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\Users\camila\AppData\Roaming\Visan\plugins\npRLSecurePluginLayer.dll [2011-03-12] (RocketLife, LLP)
      FF Plugin HKU\S-1-5-21-2830203645-438559757-2077044639-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\camila\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
      FF Plugin HKU\S-1-5-21-2830203645-438559757-2077044639-1000: @talk.google.com/O1DPlugin -> C:\Users\camila\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
      FF Plugin HKU\S-1-5-21-2830203645-438559757-2077044639-1000: @tools.google.com/Google Update;version=3 -> C:\Users\camila\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-19] (Google Inc.)
      FF Plugin HKU\S-1-5-21-2830203645-438559757-2077044639-1000: @tools.google.com/Google Update;version=9 -> C:\Users\camila\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-19] (Google Inc.)
      FF Plugin HKU\S-1-5-21-2830203645-438559757-2077044639-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\camila\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2017-03-08] (Unity Technologies ApS)
      FF Plugin ProgramFiles/Appdata: C:\Users\camila\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
      FF Plugin ProgramFiles/Appdata: C:\Users\camila\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)

      Chrome:
      =======
      CHR DefaultProfile: Default
      CHR Profile: C:\Users\camila\AppData\Local\Google\Chrome\User Data\Default [2017-10-25]
      CHR Extension: (Presentaciones) - C:\Users\camila\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
      CHR Extension: (Duolingo en la web) - C:\Users\camila\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiahmijlpehemcpleichkcokhegllfjl [2017-08-22]
      CHR Extension: (Documentos) - C:\Users\camila\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
      CHR Extension: (Google Drive) - C:\Users\camila\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-08-21]
      CHR Extension: (YouTube) - C:\Users\camila\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-08-21]
      CHR Extension: (Tampermonkey) - C:\Users\camila\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2017-10-01]
      CHR Extension: (Adobe Acrobat) - C:\Users\camila\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-08-21]
      CHR Extension: (Hojas de cálculo) - C:\Users\camila\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
      CHR Extension: (Documentos de Google sin conexión) - C:\Users\camila\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-08-21]
      CHR Extension: (Avast Online Security) - C:\Users\camila\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-10-22]
      CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\camila\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-21]
      CHR Extension: (Gmail) - C:\Users\camila\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-08-21]
      CHR Extension: (Chrome Media Router) - C:\Users\camila\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-09-15]
      CHR Profile: C:\Users\camila\AppData\Local\Google\Chrome\User Data\Guest Profile [2017-10-20]
      CHR HKLM\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
      CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
      CHR HKLM\...\Chrome\Extension: [fagakgcelolinfnkfgekcnedpaklfcok] - hxxps://clients2.google.com/service/update2/crx
      CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
      CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
      CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
      CHR HKU\S-1-5-21-2830203645-438559757-2077044639-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo] - hxxp://clients2.google.com/service/update2/crx

      ==================== Services (Whitelisted) ====================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [5828816 2017-10-21] (AVAST Software s.r.o.)
      R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [281416 2017-10-21] (AVAST Software)
      S4 BatteryManagerSrv; C:\Program Files\Positivo BGH\Positivo BGH Experience\Positivo BGH Battery Power\BatteryManagerService.exe [45056 2011-05-26] (Positivo Informática S.A) [File not signed]
      R2 DSAService; C:\Program Files\Intel Driver and Support Assistant\DSAService.exe [22816 2017-09-18] (Intel)
      R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [File not signed]
      R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
      R2 Net Driver HPZ12; C:\windows\system32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [File not signed]
      R2 Pml Driver HPZ12; C:\windows\system32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [File not signed]
      S4 STacSV; C:\Program Files\IDT\WDM\STacSV.exe [237650 2010-06-17] (IDT, Inc.)
      S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

      ===================== Drivers (Whitelisted) ======================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      S3 andnetadb; C:\windows\System32\Drivers\lgandnetadb.sys [25856 2012-07-03] (Google Inc)
      S3 AndNetDiag; C:\windows\System32\DRIVERS\lgandnetdiag.sys [23040 2012-07-03] (LG Electronics Inc.)
      S3 ANDNetModem; C:\windows\System32\DRIVERS\lgandnetmodem.sys [27776 2012-07-03] (LG Electronics Inc.)
      S3 andnetndis; C:\windows\System32\DRIVERS\lgandnetndis.sys [73728 2012-07-04] (LG Electronics Inc.)
      R1 aswbidsdriver; C:\windows\system32\drivers\aswbidsdriverx.sys [255624 2017-10-21] (AVAST Software s.r.o.)
      R0 aswbidsh; C:\windows\system32\drivers\aswbidshx.sys [157416 2017-10-21] (AVAST Software s.r.o.)
      R0 aswblog; C:\windows\system32\drivers\aswblogx.sys [276736 2017-10-21] (AVAST Software s.r.o.)
      R0 aswbuniv; C:\windows\system32\drivers\aswbunivx.sys [50384 2017-10-21] (AVAST Software s.r.o.)
      S3 aswHwid; C:\windows\system32\drivers\aswHwid.sys [42856 2017-10-21] (AVAST Software)
      R2 aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [124952 2017-10-21] (AVAST Software)
      R1 aswRdr; C:\windows\system32\drivers\aswRdr2.sys [99560 2017-10-21] (AVAST Software)
      R0 aswRvrt; C:\windows\system32\drivers\aswRvrt.sys [70864 2017-10-21] (AVAST Software)
      R1 aswSnx; C:\windows\system32\drivers\aswSnx.sys [777952 2017-10-21] (AVAST Software)
      R1 aswSP; C:\windows\system32\drivers\aswSP.sys [499560 2017-10-21] (AVAST Software)
      R2 aswStm; C:\windows\system32\drivers\aswStm.sys [149824 2017-10-21] (AVAST Software)
      S3 aswTap; C:\windows\System32\DRIVERS\aswTap.sys [38984 2014-10-12] (The OpenVPN Project)
      R0 aswVmm; C:\windows\system32\drivers\aswVmm.sys [297840 2017-10-21] (AVAST Software)
      S3 dg_ssudbus; C:\windows\System32\DRIVERS\ssudbus.sys [108032 2017-07-15] (Samsung Electronics Co., Ltd.)
      R3 ETDSMBus; C:\windows\System32\DRIVERS\ETDSMBus.sys [28744 2017-07-15] (ELAN Microelectronic Corp.)
      R1 HWiNFO32; C:\windows\system32\drivers\HWiNFO32.SYS [23840 2017-07-15] (REALiX(tm))
      S3 ksapi; C:\windows\system32\drivers\ksapi.sys [81768 2017-01-22] (Kingsoft Corporation)
      S3 PAC207; C:\windows\System32\DRIVERS\PFC027.SYS [507136 2006-12-05] (PixArt Imaging Inc.)
      R3 PositivoAudioDriverWdm; C:\windows\System32\DRIVERS\pad.sys [52496 2011-05-03] ()
      S3 RTL8192Ce; C:\windows\System32\DRIVERS\rtl8192Ce.sys [1056360 2011-10-06] (Realtek Semiconductor Corporation )
      R3 RTWlanE; C:\windows\System32\DRIVERS\rtwlane.sys [3175128 2017-07-15] (Realtek Semiconductor Corporation )
      R2 SoilIO; C:\windows\system32\Drivers\SoilIO.sys [16248 2009-12-04] ()
      R3 soilkbc; C:\windows\system32\Drivers\soilkbc.sys [10744 2009-12-04] (Systems Internals)
      R3 SoilMC; C:\windows\system32\Drivers\SoilMC.sys [10616 2009-12-04] (Systems Internals)
      U5 AppMgmt; C:\windows\system32\svchost.exe [20992 2009-07-13] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
      S3 catchme; \??\C:\Users\camila\AppData\Local\Temp\catchme.sys [X]
      S1 ESProtectionDriver; \??\C:\windows\system32\drivers\mbae.sys [X]
      S3 MBAMFarflt; system32\DRIVERS\farflt.sys [X]
      S3 MBAMProtection; system32\DRIVERS\mbam.sys [X]
      S3 MBAMWebProtection; system32\DRIVERS\mwac.sys [X]
      S3 WinRing0_1_2_0; \??\C:\Users\Administrator\Desktop\bit\temperat\WinRing0.sys [X]

      ==================== NetSvcs (Whitelisted) ===================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


      ==================== One Month Created files and folders ========

      (If an entry is included in the fixlist, the file/folder will be moved.)

      Error(1) reading file: "C:\Users\camila\Documents\Sailor MOON."
      2017-10-25 20:52 - 2017-10-25 20:54 - 000019164 _____ C:\Users\camila\Desktop\FRST.txt
      2017-10-25 20:52 - 2017-10-25 20:52 - 000000000 ____D C:\ProgramData\SWCUTemp
      2017-10-25 20:52 - 2017-10-25 20:52 - 000000000 ____D C:\FRST
      2017-10-25 20:51 - 2017-10-25 20:51 - 001799680 _____ (Farbar) C:\Users\camila\Desktop\FRST.exe
      2017-10-23 22:34 - 2017-10-23 22:34 - 409063877 _____ C:\windows\MEMORY.DMP
      2017-10-23 22:34 - 2017-10-23 22:34 - 000146944 _____ C:\windows\Minidump\102317-21918-01.dmp
      2017-10-23 15:38 - 2017-10-23 15:38 - 000000043 _____ C:\Users\Invitado\Downloads\hbpix
      2017-10-23 14:31 - 2017-10-22 22:17 - 014144814 ____N C:\Users\Invitado\Downloads\VID-20171022-WA0022.mp4
      2017-10-23 14:31 - 2017-10-22 22:17 - 013557807 ____N C:\Users\Invitado\Downloads\VID-20171022-WA0023.mp4
      2017-10-23 14:31 - 2017-10-22 22:16 - 003733915 ____N C:\Users\Invitado\Downloads\VID-20171022-WA0021.mp4
      2017-10-22 22:01 - 2017-10-22 22:01 - 000244264 _____ C:\Users\camila\Downloads\0494490004.01.26-01-17.pdf
      2017-10-22 19:31 - 2017-10-18 19:02 - 002459491 _____ C:\Users\Invitado\Downloads\VID-20171018-WA0001.mp4
      2017-10-22 19:31 - 2017-10-16 18:27 - 000948908 _____ C:\Users\Invitado\Downloads\VID-20171016-WA0396.mp4
      2017-10-22 19:31 - 2017-10-16 18:07 - 016630932 _____ C:\Users\Invitado\Downloads\VID-20171016-WA0364.mp4
      2017-10-22 19:31 - 2017-10-16 17:51 - 002185690 _____ C:\Users\Invitado\Downloads\VID-20171016-WA0362.mp4
      2017-10-22 19:31 - 2017-10-16 17:50 - 004786433 _____ C:\Users\Invitado\Downloads\VID-20171016-WA0360.mp4
      2017-10-22 19:31 - 2017-10-16 17:44 - 003724515 _____ C:\Users\Invitado\Downloads\VID-20171016-WA0359.mp4
      2017-10-22 19:31 - 2017-10-16 17:42 - 001506526 _____ C:\Users\Invitado\Downloads\VID-20171016-WA0328.mp4
      2017-10-22 19:31 - 2017-10-16 17:19 - 002485111 _____ C:\Users\Invitado\Downloads\VID-20171016-WA0281.mp4
      2017-10-22 19:31 - 2017-10-16 16:33 - 000337953 _____ C:\Users\Invitado\Downloads\VID-20171016-WA0176.mp4
      2017-10-22 19:31 - 2017-10-16 16:21 - 002328846 _____ C:\Users\Invitado\Downloads\VID-20171016-WA0118.3gp
      2017-10-22 19:31 - 2017-10-16 16:11 - 003473075 _____ C:\Users\Invitado\Downloads\VID-20171016-WA0061.mp4
      2017-10-22 19:31 - 2017-10-16 16:09 - 002328846 _____ C:\Users\Invitado\Downloads\VID-20171016-WA0041.3gp
      2017-10-22 19:31 - 2017-10-16 15:41 - 012725675 _____ C:\Users\Invitado\Downloads\VID-20171016-WA0012.mp4
      2017-10-22 19:31 - 2017-10-16 15:39 - 009834437 _____ C:\Users\Invitado\Downloads\VID-20171016-WA0011.mp4
      2017-10-22 19:31 - 2017-10-16 15:38 - 006431904 _____ C:\Users\Invitado\Downloads\VID-20171016-WA0009.mp4
      2017-10-22 19:31 - 2017-10-16 15:38 - 002295005 _____ C:\Users\Invitado\Downloads\VID-20171016-WA0010.mp4
      2017-10-22 19:31 - 2017-10-16 15:37 - 014010884 _____ C:\Users\Invitado\Downloads\VID-20171016-WA0007.mp4
      2017-10-22 19:31 - 2017-10-16 15:37 - 004047503 _____ C:\Users\Invitado\Downloads\VID-20171016-WA0008.mp4
      2017-10-22 19:31 - 2017-10-10 18:25 - 019537914 _____ C:\Users\Invitado\Downloads\VID-20171010-WA0010.mp4
      2017-10-22 19:31 - 2017-09-13 19:51 - 000762632 _____ C:\Users\Invitado\Downloads\VID-20170913-WA0001.mp4
      2017-10-22 19:31 - 2017-09-12 20:22 - 002743883 _____ C:\Users\Invitado\Downloads\VID-20170912-WA0006.mp4
      2017-10-22 19:31 - 2017-09-10 20:07 - 001438023 _____ C:\Users\Invitado\Downloads\VID-20170910-WA0095.mp4
      2017-10-22 19:31 - 2017-09-10 20:03 - 000290786 _____ C:\Users\Invitado\Downloads\VID-20170910-WA0089.mp4
      2017-10-22 19:31 - 2017-09-10 00:45 - 000236820 _____ C:\Users\Invitado\Downloads\VID-20170910-WA0008.mp4
      2017-10-22 19:31 - 2017-09-09 17:30 - 000563639 _____ C:\Users\Invitado\Downloads\VID-20170909-WA0054.mp4
      2017-10-22 19:31 - 2017-09-09 16:40 - 000240429 _____ C:\Users\Invitado\Downloads\VID-20170909-WA0051.mp4
      2017-10-22 19:31 - 2017-09-09 15:50 - 000494449 _____ C:\Users\Invitado\Downloads\VID-20170909-WA0048.mp4
      2017-10-22 19:31 - 2017-09-09 14:53 - 001035643 _____ C:\Users\Invitado\Downloads\VID-20170909-WA0040.mp4
      2017-10-22 19:24 - 2017-10-17 01:08 - 000105397 _____ C:\Users\Invitado\Downloads\VID-20171017-WA0059.mp4
      2017-10-22 19:24 - 2017-10-17 01:08 - 000050003 _____ C:\Users\Invitado\Downloads\VID-20171017-WA0060.mp4
      2017-10-22 19:24 - 2017-10-17 01:05 - 000113490 _____ C:\Users\Invitado\Downloads\VID-20171017-WA0021.mp4
      2017-10-22 19:24 - 2017-10-16 20:21 - 000017667 _____ C:\Users\Invitado\Downloads\VID-20171016-WA0571.mp4
      2017-10-22 19:24 - 2017-10-16 19:12 - 000043725 _____ C:\Users\Invitado\Downloads\VID-20171016-WA0524.mp4
      2017-10-22 19:24 - 2017-10-16 17:18 - 000033207 _____ C:\Users\Invitado\Downloads\VID-20171016-WA0275.mp4
      2017-10-22 12:04 - 2017-10-22 12:04 - 000000000 ____D C:\Users\camila\Downloads\cocina
      2017-10-21 19:56 - 2017-10-14 17:26 - 000238710 ____N C:\Users\Invitado\Downloads\Voz00022.3gp
      2017-10-21 19:56 - 2017-08-30 14:43 - 000889170 ____N C:\Users\Invitado\Downloads\Voz00020.3gp
      2017-10-21 19:56 - 2017-08-30 14:36 - 000447621 ____N C:\Users\Invitado\Downloads\Voz00017.3gp
      2017-10-21 19:56 - 2017-04-23 16:36 - 000560182 ____N C:\Users\Invitado\Downloads\Voz00015.3gp
      2017-10-21 19:56 - 2016-10-01 21:20 - 000715767 ____N C:\Users\Invitado\Downloads\Voz00001.3gp
      2017-10-21 19:31 - 2017-08-26 13:25 - 020444063 ____N C:\Users\Invitado\Downloads\20170826_132457.mp4
      2017-10-21 19:31 - 2017-08-17 16:36 - 038130781 ____N C:\Users\Invitado\Downloads\20170817_163350.mp4
      2017-10-21 19:31 - 2017-05-13 12:03 - 040916533 ____N C:\Users\Invitado\Downloads\20170513_120150.mp4
      2017-10-21 19:31 - 2017-03-23 21:14 - 019607949 ____N C:\Users\Invitado\Downloads\20170323_211322.mp4
      2017-10-21 19:29 - 2017-09-09 17:36 - 000563639 ____N C:\Users\Invitado\Downloads\VID-20170909-WA0005.mp4
      2017-10-21 19:25 - 2017-03-15 16:51 - 000046371 ____N C:\Users\Invitado\Downloads\orca_share_media1489607471209.jpeg
      2017-10-21 19:25 - 2016-12-11 02:12 - 000121559 ____N C:\Users\Invitado\Downloads\orca_share_media1481433153818.jpeg
      2017-10-21 19:25 - 2016-12-05 16:54 - 001101080 ____N C:\Users\Invitado\Downloads\orca_share_media1480967679906.jpeg
      2017-10-21 19:25 - 2016-12-05 16:54 - 000937148 ____N C:\Users\Invitado\Downloads\orca_share_media1480967697837.jpeg
      2017-10-21 19:25 - 2016-12-05 02:34 - 000964439 ____N C:\Users\Invitado\Downloads\orca_share_media1480916047185.jpeg
      2017-10-21 19:25 - 2016-12-05 02:34 - 000964439 ____N C:\Users\Invitado\Downloads\orca_share_media1480916042588.jpeg
      2017-10-21 19:25 - 2016-12-05 02:34 - 000964439 ____N C:\Users\Invitado\Downloads\orca_share_media1480916040484.jpeg
      2017-10-21 19:25 - 2016-12-04 00:44 - 001032610 ____N C:\Users\Invitado\Downloads\orca_share_media1480823081045.jpeg
      2017-10-21 19:22 - 2017-03-10 18:06 - 001202446 ____N C:\Users\Invitado\Downloads\orca_share_media1489179993582.jpeg
      2017-10-21 17:00 - 2017-10-21 17:00 - 000000017 _____ C:\Users\Invitado\AppData\Local\resmon.resmoncfg
      2017-10-21 16:51 - 2017-10-21 16:51 - 000000000 ____D C:\Users\Invitado\AppData\Roaming\AVAST Software
      2017-10-21 15:31 - 2017-09-07 11:56 - 000259584 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbhub.sys
      2017-10-21 15:31 - 2017-09-07 11:55 - 000285696 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbport.sys
      2017-10-21 15:31 - 2017-09-07 11:55 - 000076288 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbccgp.sys
      2017-10-21 15:31 - 2017-09-07 11:55 - 000046592 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbehci.sys
      2017-10-21 15:31 - 2017-09-07 11:55 - 000024576 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbuhci.sys
      2017-10-21 15:31 - 2017-09-07 11:55 - 000020480 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbohci.sys
      2017-10-21 15:31 - 2017-09-07 11:55 - 000006016 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbd.sys
      2017-10-21 15:31 - 2017-09-07 10:05 - 000922432 _____ (Microsoft Corporation) C:\windows\system32\ucrtbase.dll
      2017-10-21 15:31 - 2017-09-07 10:05 - 000066400 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-private-l1-1-0.dll
      2017-10-21 15:31 - 2017-09-07 10:05 - 000022368 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-math-l1-1-0.dll
      2017-10-21 15:31 - 2017-09-07 10:05 - 000019808 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
      2017-10-21 15:31 - 2017-09-07 10:05 - 000017760 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-string-l1-1-0.dll
      2017-10-21 15:31 - 2017-09-07 10:05 - 000017760 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
      2017-10-21 15:31 - 2017-09-07 10:05 - 000016224 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
      2017-10-21 15:31 - 2017-09-07 10:05 - 000015712 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-convert-l1-1-0.dll
      2017-10-21 15:31 - 2017-09-07 10:05 - 000014176 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-time-l1-1-0.dll
      2017-10-21 15:31 - 2017-09-07 10:05 - 000014176 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-2-0.dll
      2017-10-21 15:31 - 2017-09-07 10:05 - 000013664 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
      2017-10-21 15:31 - 2017-09-07 10:05 - 000012640 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-process-l1-1-0.dll
      2017-10-21 15:31 - 2017-09-07 10:05 - 000012640 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-heap-l1-1-0.dll
      2017-10-21 15:31 - 2017-09-07 10:05 - 000012640 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-conio-l1-1-0.dll
      2017-10-21 15:31 - 2017-09-07 10:05 - 000012128 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-utility-l1-1-0.dll
      2017-10-21 15:31 - 2017-09-07 10:05 - 000012128 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-locale-l1-1-0.dll
      2017-10-21 15:31 - 2017-09-07 10:05 - 000012128 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-environment-l1-1-0.dll
      2017-10-21 15:31 - 2017-09-07 10:05 - 000012128 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
      2017-10-21 15:31 - 2017-09-07 10:05 - 000012128 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
      2017-10-21 15:31 - 2017-09-07 10:05 - 000011616 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l2-1-0.dll
      2017-10-21 15:31 - 2017-09-07 10:05 - 000011616 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-timezone-l1-1-0.dll
      2017-10-21 15:31 - 2017-09-07 10:05 - 000011616 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l2-1-0.dll
      2017-10-21 15:31 - 2017-09-07 10:05 - 000011616 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-2-0.dll
      2017-10-21 15:00 - 2017-10-23 22:34 - 000399552 _____ C:\windows\ntbtlog.txt
      2017-10-21 14:57 - 2017-10-21 14:57 - 000002042 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
      2017-10-21 14:57 - 2017-10-21 14:57 - 000000000 ____D C:\Users\camila\AppData\Roaming\AVAST Software
      2017-10-21 14:57 - 2017-10-21 14:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
      2017-10-21 14:57 - 2017-10-21 14:56 - 000777952 _____ (AVAST Software) C:\windows\system32\Drivers\aswSnx.sys
      2017-10-21 14:57 - 2017-10-21 14:56 - 000499560 _____ (AVAST Software) C:\windows\system32\Drivers\aswSP.sys
      2017-10-21 14:57 - 2017-10-21 14:56 - 000297840 _____ (AVAST Software) C:\windows\system32\Drivers\aswVmm.sys
      2017-10-21 14:57 - 2017-10-21 14:56 - 000276736 _____ (AVAST Software s.r.o.) C:\windows\system32\Drivers\aswblogx.sys
      2017-10-21 14:57 - 2017-10-21 14:56 - 000149824 _____ (AVAST Software) C:\windows\system32\Drivers\aswStm.sys
      2017-10-21 14:57 - 2017-10-21 14:56 - 000124952 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys
      2017-10-21 14:57 - 2017-10-21 14:56 - 000099560 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys
      2017-10-21 14:57 - 2017-10-21 14:56 - 000070864 _____ (AVAST Software) C:\windows\system32\Drivers\aswRvrt.sys
      2017-10-21 14:57 - 2017-10-21 14:56 - 000050384 _____ (AVAST Software s.r.o.) C:\windows\system32\Drivers\aswbunivx.sys
      2017-10-21 14:57 - 2017-10-21 14:56 - 000042856 _____ (AVAST Software) C:\windows\system32\Drivers\aswHwid.sys
      2017-10-21 14:57 - 2017-10-21 14:55 - 000255624 _____ (AVAST Software s.r.o.) C:\windows\system32\Drivers\aswbidsdriverx.sys
      2017-10-21 14:57 - 2017-10-21 14:55 - 000157416 _____ (AVAST Software s.r.o.) C:\windows\system32\Drivers\aswbidshx.sys
      2017-10-21 14:56 - 2017-10-21 14:56 - 000304816 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
      2017-10-21 03:06 - 2017-10-21 03:06 - 124059592 ____C (Microsoft Corporation) C:\windows\system32\MRT-KB890830.exe
      2017-10-20 21:24 - 2017-09-13 12:13 - 004001512 _____ (Microsoft Corporation) C:\windows\system32\ntkrnlpa.exe
      2017-10-20 21:24 - 2017-09-13 12:13 - 003945704 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
      2017-10-20 21:24 - 2017-09-13 12:13 - 000137960 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
      2017-10-20 21:24 - 2017-09-13 12:13 - 000067304 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
      2017-10-20 21:24 - 2017-09-13 12:10 - 001310528 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
      2017-10-20 21:24 - 2017-09-13 12:09 - 000830464 _____ (Microsoft Corporation) C:\windows\system32\msctf.dll
      2017-10-20 21:24 - 2017-09-13 12:09 - 000828928 _____ (Microsoft Corporation) C:\windows\system32\wlansvc.dll
      2017-10-20 21:24 - 2017-09-13 12:09 - 000655360 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
      2017-10-20 21:24 - 2017-09-13 12:09 - 000428032 _____ (Microsoft Corporation) C:\windows\system32\wlanmsm.dll
      2017-10-20 21:24 - 2017-09-13 12:09 - 000400896 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
      2017-10-20 21:24 - 2017-09-13 12:09 - 000392704 _____ (Microsoft Corporation) C:\windows\system32\wlansec.dll
      2017-10-20 21:24 - 2017-09-13 12:09 - 000261120 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
      2017-10-20 21:24 - 2017-09-13 12:09 - 000254464 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
      2017-10-20 21:24 - 2017-09-13 12:09 - 000223232 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
      2017-10-20 21:24 - 2017-09-13 12:09 - 000172032 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
      2017-10-20 21:24 - 2017-09-13 12:09 - 000146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
      2017-10-20 21:24 - 2017-09-13 12:09 - 000141312 _____ (Microsoft Corporation) C:\windows\system32\rpchttp.dll
      2017-10-20 21:24 - 2017-09-13 12:09 - 000099840 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
      2017-10-20 21:24 - 2017-09-13 12:09 - 000083968 _____ (Microsoft Corporation) C:\windows\system32\wlanhlp.dll
      2017-10-20 21:24 - 2017-09-13 12:09 - 000080896 _____ (Microsoft Corporation) C:\windows\system32\wlanapi.dll
      2017-10-20 21:24 - 2017-09-13 12:09 - 000065536 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
      2017-10-20 21:24 - 2017-09-13 12:09 - 000060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
      2017-10-20 21:24 - 2017-09-13 12:09 - 000050176 _____ (Microsoft Corporation) C:\windows\system32\setbcdlocale.dll
      2017-10-20 21:24 - 2017-09-13 12:09 - 000043008 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
      2017-10-20 21:24 - 2017-09-13 12:09 - 000022016 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
      2017-10-20 21:24 - 2017-09-13 12:08 - 001062912 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
      2017-10-20 21:24 - 2017-09-13 12:08 - 000690688 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
      2017-10-20 21:24 - 2017-09-13 12:08 - 000644096 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll
      2017-10-20 21:24 - 2017-09-13 12:08 - 000554496 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
      2017-10-20 21:24 - 2017-09-13 12:08 - 000082432 _____ (Microsoft Corporation) C:\windows\system32\bcrypt.dll
      2017-10-20 21:24 - 2017-09-13 12:08 - 000050688 _____ (Microsoft Corporation) C:\windows\system32\appidapi.dll
      2017-10-20 21:24 - 2017-09-13 12:08 - 000038912 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
      2017-10-20 21:24 - 2017-09-13 12:08 - 000017408 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
      2017-10-20 21:24 - 2017-09-13 12:08 - 000006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
      2017-10-20 21:24 - 2017-09-13 11:53 - 000271360 _____ (Microsoft Corporation) C:\windows\system32\Drivers\nwifi.sys
      2017-10-20 21:24 - 2017-09-13 11:50 - 000097792 _____ (Microsoft Corporation) C:\windows\system32\appidpolicyconverter.exe
      2017-10-20 21:24 - 2017-09-13 11:50 - 000050688 _____ (Microsoft Corporation) C:\windows\system32\Drivers\appid.sys
      2017-10-20 21:24 - 2017-09-13 11:50 - 000050176 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
      2017-10-20 21:24 - 2017-09-13 11:50 - 000029696 _____ (Microsoft Corporation) C:\windows\system32\appidsvc.dll
      2017-10-20 21:24 - 2017-09-13 11:50 - 000016896 _____ (Microsoft Corporation) C:\windows\system32\appidcertstorecheck.exe
      2017-10-20 21:24 - 2017-09-13 11:48 - 000262656 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
      2017-10-20 21:24 - 2017-09-13 11:46 - 000226304 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
      2017-10-20 21:24 - 2017-09-13 11:46 - 000124416 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
      2017-10-20 21:24 - 2017-09-13 11:46 - 000098304 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
      2017-10-20 21:24 - 2017-09-13 11:46 - 000069632 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
      2017-10-20 21:24 - 2017-09-13 11:46 - 000036352 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll
      2017-10-20 21:24 - 2017-09-13 11:46 - 000022016 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
      2017-10-20 21:24 - 2017-09-13 11:46 - 000015872 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
      2017-10-20 21:24 - 2017-09-08 20:47 - 000347344 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
      2017-10-20 21:24 - 2017-09-08 12:14 - 001213672 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ntfs.sys
      2017-10-20 21:24 - 2017-09-08 12:10 - 001549824 _____ (Microsoft Corporation) C:\windows\system32\tquery.dll
      2017-10-20 21:24 - 2017-09-08 12:10 - 001363968 _____ (Microsoft Corporation) C:\windows\system32\Query.dll
      2017-10-20 21:24 - 2017-09-08 12:10 - 000109568 _____ (Microsoft Corporation) C:\windows\system32\t2embed.dll
      2017-10-20 21:24 - 2017-09-08 12:09 - 001400320 _____ (Microsoft Corporation) C:\windows\system32\mssrch.dll
      2017-10-20 21:24 - 2017-09-08 12:09 - 000666624 _____ (Microsoft Corporation) C:\windows\system32\mssvp.dll
      2017-10-20 21:24 - 2017-09-08 12:09 - 000337408 _____ (Microsoft Corporation) C:\windows\system32\mssph.dll
      2017-10-20 21:24 - 2017-09-08 12:09 - 000306688 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
      2017-10-20 21:24 - 2017-09-08 12:09 - 000197120 _____ (Microsoft Corporation) C:\windows\system32\mssphtb.dll
      2017-10-20 21:24 - 2017-09-08 12:09 - 000104448 _____ (Microsoft Corporation) C:\windows\system32\mssitlb.dll
      2017-10-20 21:24 - 2017-09-08 12:09 - 000059392 _____ (Microsoft Corporation) C:\windows\system32\msscntrs.dll
      2017-10-20 21:24 - 2017-09-08 12:09 - 000034816 _____ (Microsoft Corporation) C:\windows\system32\mssprxy.dll
      2017-10-20 21:24 - 2017-09-08 12:00 - 000427520 _____ (Microsoft Corporation) C:\windows\system32\SearchIndexer.exe
      2017-10-20 21:24 - 2017-09-08 12:00 - 000164352 _____ (Microsoft Corporation) C:\windows\system32\SearchProtocolHost.exe
      2017-10-20 21:24 - 2017-09-08 11:59 - 000086528 _____ (Microsoft Corporation) C:\windows\system32\SearchFilterHost.exe
      2017-10-20 21:24 - 2017-09-08 11:59 - 000009728 _____ (Microsoft Corporation) C:\windows\system32\msshooks.dll
      2017-10-20 21:24 - 2017-09-08 11:50 - 002402304 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
      2017-10-20 21:24 - 2017-09-08 11:20 - 000640512 _____ (Microsoft Corporation) C:\windows\system32\mswstr10.dll
      2017-10-20 21:24 - 2017-09-08 11:20 - 000345088 _____ (Microsoft Corporation) C:\windows\system32\msexcl40.dll
      2017-10-20 21:24 - 2017-09-08 11:20 - 000008704 _____ (Microsoft Corporation) C:\windows\system32\msjint40.dll
      2017-10-20 21:24 - 2017-09-07 16:27 - 002724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
      2017-10-20 21:24 - 2017-09-07 16:26 - 000004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
      2017-10-20 21:24 - 2017-09-07 16:11 - 000062464 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
      2017-10-20 21:24 - 2017-09-07 16:10 - 000499200 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
      2017-10-20 21:24 - 2017-09-07 16:10 - 000341504 _____ (Microsoft Corporation) C:\windows\system32\html.iec
      2017-10-20 21:24 - 2017-09-07 16:10 - 000047616 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
      2017-10-20 21:24 - 2017-09-07 16:09 - 000064000 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
      2017-10-20 21:24 - 2017-09-07 16:04 - 020267008 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
      2017-10-20 21:24 - 2017-09-07 16:03 - 002292736 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
      2017-10-20 21:24 - 2017-09-07 16:03 - 000047104 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
      2017-10-20 21:24 - 2017-09-07 16:02 - 000030720 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
      2017-10-20 21:24 - 2017-09-07 15:59 - 000476160 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
      2017-10-20 21:24 - 2017-09-07 15:58 - 000663040 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
      2017-10-20 21:24 - 2017-09-07 15:58 - 000620032 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
      2017-10-20 21:24 - 2017-09-07 15:58 - 000115712 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
      2017-10-20 21:24 - 2017-09-07 15:58 - 000104960 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
      2017-10-20 21:24 - 2017-09-07 15:52 - 000667648 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
      2017-10-20 21:24 - 2017-09-07 15:49 - 000416256 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
      2017-10-20 21:24 - 2017-09-07 15:44 - 000073216 _____ (Microsoft Corporation) C:\windows\system32\tdc.ocx
      2017-10-20 21:24 - 2017-09-07 15:44 - 000060416 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
      2017-10-20 21:24 - 2017-09-07 15:43 - 000091136 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
      2017-10-20 21:24 - 2017-09-07 15:40 - 000168960 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
      2017-10-20 21:24 - 2017-09-07 15:39 - 000076288 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
      2017-10-20 21:24 - 2017-09-07 15:37 - 000279040 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
      2017-10-20 21:24 - 2017-09-07 15:36 - 000130048 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
      2017-10-20 21:24 - 2017-09-07 15:29 - 004547072 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
      2017-10-20 21:24 - 2017-09-07 15:29 - 000230400 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
      2017-10-20 21:24 - 2017-09-07 15:26 - 000694784 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
      2017-10-20 21:24 - 2017-09-07 15:26 - 000690688 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
      2017-10-20 21:24 - 2017-09-07 15:25 - 002058752 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
      2017-10-20 21:24 - 2017-09-07 15:25 - 001155072 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
      2017-10-20 21:24 - 2017-09-07 15:17 - 013677568 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
      2017-10-20 21:24 - 2017-09-07 15:01 - 002767872 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
      2017-10-20 21:24 - 2017-09-07 14:57 - 001316864 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
      2017-10-20 21:24 - 2017-09-07 14:57 - 000710144 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
      2017-10-20 21:24 - 2017-09-07 12:12 - 002755072 _____ (Microsoft Corporation) C:\windows\system32\themeui.dll
      2017-10-20 21:24 - 2017-09-07 11:48 - 000313856 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv2.sys
      2017-10-20 21:24 - 2017-09-07 11:48 - 000312320 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv.sys
      2017-10-20 21:24 - 2017-09-07 11:48 - 000115712 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srvnet.sys
      2017-10-20 15:55 - 2017-10-20 15:56 - 006654960 _____ (AVAST Software) C:\Users\camila\Downloads\avast_free_antivirus_setup_online_cnet2.exe
      2017-10-20 15:52 - 2017-10-20 15:52 - 000110048 _____ C:\Users\camila\AppData\Local\GDIPFONTCACHEV1.DAT
      2017-10-20 15:51 - 2017-10-21 03:42 - 000410712 _____ C:\windows\system32\FNTCACHE.DAT
      2017-10-20 15:46 - 2017-10-21 14:52 - 000000000 ____D C:\Program Files\AVAST Software
      2017-10-20 15:33 - 2017-10-20 15:33 - 000026591 _____ C:\Users\camila\Desktop\combofix.txt
      2017-10-20 15:30 - 2017-10-20 15:30 - 008874600 _____ (AVAST Software) C:\Users\camila\Downloads\avastclear (2).exe
      2017-10-20 15:25 - 2017-10-20 15:25 - 000026593 _____ C:\ComboFix.txt
      2017-10-20 13:56 - 2017-10-20 13:56 - 005660403 ____R (Swearware) C:\Users\camila\Desktop\ComboFix.exe
      2017-10-16 23:34 - 2011-06-26 03:45 - 000256000 _____ C:\windows\PEV.exe
      2017-10-16 23:34 - 2010-11-07 14:20 - 000208896 _____ C:\windows\MBR.exe
      2017-10-16 23:34 - 2009-04-20 01:56 - 000060416 _____ (NirSoft) C:\windows\NIRCMD.exe
      2017-10-16 23:34 - 2000-08-30 21:00 - 000518144 _____ (SteelWerX) C:\windows\SWREG.exe
      2017-10-16 23:34 - 2000-08-30 21:00 - 000406528 _____ (SteelWerX) C:\windows\SWSC.exe
      2017-10-16 23:34 - 2000-08-30 21:00 - 000098816 _____ C:\windows\sed.exe
      2017-10-16 23:34 - 2000-08-30 21:00 - 000080412 _____ C:\windows\grep.exe
      2017-10-16 23:34 - 2000-08-30 21:00 - 000068096 _____ C:\windows\zip.exe
      2017-10-16 23:33 - 2017-10-20 15:25 - 000000000 ____D C:\Qoobox
      2017-10-16 23:33 - 2017-10-20 14:15 - 000000000 ____D C:\windows\erdnt
      2017-10-16 20:06 - 2017-10-16 20:06 - 000000000 ____D C:\Program Files\ESET
      2017-10-13 13:19 - 2017-10-13 13:19 - 000014956 _____ C:\Users\camila\Downloads\Solicitud_de_Beca.pdf
      2017-10-13 13:19 - 2017-10-13 13:19 - 000014660 _____ C:\Users\camila\Downloads\Solicitud_de_Beca (1).pdf
      2017-10-09 00:13 - 2017-10-09 00:13 - 000003652 _____ C:\Users\camila\Downloads\524062017928153.mpd
      2017-10-08 18:57 - 2017-10-08 18:57 - 000357854 _____ C:\Users\camila\Downloads\29904-85205-1-SM.pdf
      2017-10-08 17:30 - 2017-10-08 17:30 - 001518621 _____ C:\Users\camila\Downloads\El mercader de Venecia Como gusteis - William Shakespeare.pdf
      2017-10-08 16:52 - 2017-10-08 16:52 - 000000043 _____ C:\Users\camila\Downloads\hbpix (1)
      2017-10-04 15:57 - 2017-10-04 15:58 - 000000043 _____ C:\Users\camila\Downloads\hbpix
      2017-10-03 10:46 - 2017-10-03 10:46 - 000016490 _____ C:\Users\camila\Downloads\Information_2017_10_03_10_46_08.csv
      2017-10-02 22:10 - 2017-08-09 18:57 - 734205952 _____ C:\Users\Invitado\Downloads\Moana 2016.avi
      2017-10-02 18:28 - 2017-10-02 21:46 - 738401764 _____ C:\Users\Invitado\Downloads\M04n4dvdriplatin0.rar
      2017-10-02 17:31 - 2017-06-29 01:47 - 730093568 _____ C:\Users\Invitado\Downloads\Un jefe en pañales.avi
      2017-10-02 15:02 - 2017-10-02 16:41 - 734794868 _____ C:\Users\Invitado\Downloads\B0sbabby.rar
      2017-10-02 12:15 - 2017-10-02 12:15 - 000000000 ____D C:\Users\Invitado\Documents\Jimena
      2017-10-02 11:30 - 2017-10-02 11:30 - 000000000 ____D C:\Users\camila\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Malwarebytes
      2017-10-02 11:11 - 2017-10-02 11:11 - 007142408 _____ (AVAST Software) C:\Users\camila\Downloads\avast_free_antivirus_setup_online.exe
      2017-10-02 08:52 - 2017-10-02 08:52 - 000241247 _____ C:\Users\camila\Documents\meme.jpeg
      2017-10-02 00:29 - 2017-10-02 11:30 - 000000000 ____D C:\Users\camila\Documents\Problema
      2017-10-02 00:18 - 2017-10-02 10:58 - 000000000 ____D C:\Program Files\CCleaner
      2017-10-02 00:18 - 2017-10-02 00:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
      2017-10-02 00:14 - 2017-10-02 00:16 - 071089112 _____ (Malwarebytes ) C:\Users\camila\Downloads\mb3-setup-consumer-3.2.2.2029-1.0.207-1.0.2899.exe
      2017-10-02 00:13 - 2017-10-02 00:30 - 000000000 ____D C:\AdwCleaner
      2017-10-01 14:19 - 2017-10-01 14:20 - 001048064 _____ C:\Users\camila\Downloads\ISFD_Y_T_N_166_Propuestas_Academica_2017.ppt
      2017-10-01 12:31 - 2013-06-22 11:13 - 000000088 _____ C:\Users\camila\Downloads\booksmedicos.org.txt
      2017-10-01 12:17 - 2017-10-01 12:30 - 112419732 _____ C:\Users\camila\Downloads\301016Embriologia.Medica.Langman.13a.Ed_booksmedicos.org (1).rar
      2017-09-30 20:51 - 2017-09-30 20:51 - 000016795 _____ C:\Users\camila\Downloads\NOTAS PARCIAL M2 2ºCUATRIMESTRE 2017 (1).xlsx
      2017-09-29 23:22 - 2017-09-29 23:22 - 003782161 _____ C:\Users\camila\Downloads\M1 Olavarría 2017 (E1) Embriología (1).pdf
      2017-09-29 23:22 - 2017-09-29 23:22 - 002898432 _____ C:\Users\camila\Downloads\MEDULA 2017 (1).ppt
      2017-09-29 23:21 - 2017-09-29 23:22 - 014178816 _____ C:\Users\camila\Downloads\FOSA POSTERIOR CONTENIDO 2016 (1).ppt

      ==================== One Month Modified files and folders ========

      (If an entry is included in the fixlist, the file/folder will be moved.)

      2017-10-25 20:48 - 2016-02-08 18:26 - 000000408 _____ C:\windows\Tasks\HP Photo Creations Communicator.job
      2017-10-25 20:46 - 2009-07-14 01:34 - 000022624 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
      2017-10-25 20:46 - 2009-07-14 01:34 - 000022624 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
      2017-10-25 20:37 - 2009-07-14 01:53 - 000000006 ____H C:\windows\Tasks\SA.DAT
      2017-10-23 22:34 - 2013-07-09 18:50 - 000000000 ____D C:\windows\Minidump
      2017-10-23 01:25 - 2017-08-25 14:30 - 000000000 ____D C:\Users\Invitado\AppData\Roaming\SoftGrid Client
      2017-10-23 00:53 - 2016-12-20 21:21 - 000000000 ____D C:\Users\camila\AppData\Local\Spotify
      2017-10-23 00:51 - 2016-12-20 21:20 - 000000000 ____D C:\Users\camila\AppData\Roaming\Spotify
      2017-10-22 12:32 - 2013-02-24 21:43 - 000000000 ____D C:\Users\camila\AppData\Local\ElevatedDiagnostics
      2017-10-22 12:30 - 2017-02-20 02:45 - 000000000 ____D C:\Users\Invitado\AppData\Roaming\Spotify
      2017-10-22 11:52 - 2013-02-21 20:44 - 000000000 ____D C:\Users\camila\AppData\Local\CrashDumps
      2017-10-21 16:51 - 2016-09-04 16:11 - 000000000 ____D C:\Users\Invitado\AppData\Local\CrashDumps
      2017-10-21 16:23 - 2009-07-13 23:37 - 000000000 ____D C:\windows\rescache
      2017-10-21 15:39 - 2009-07-13 23:37 - 000000000 ____D C:\windows\inf
      2017-10-21 15:35 - 2010-11-20 21:30 - 000767188 _____ C:\windows\system32\perfh00A.dat
      2017-10-21 15:35 - 2010-11-20 21:30 - 000166630 _____ C:\windows\system32\perfc00A.dat
      2017-10-21 15:35 - 2010-11-20 18:01 - 001695058 _____ C:\windows\system32\PerfStringBackup.INI
      2017-10-21 14:50 - 2017-04-16 03:34 - 000000000 ____D C:\Users\camila\Documents\Freemake
      2017-10-21 03:14 - 2009-07-13 23:37 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
      2017-10-21 03:14 - 2009-07-13 23:04 - 000000648 _____ C:\windows\win.ini
      2017-10-21 03:13 - 2013-07-26 19:12 - 000000000 ____D C:\windows\system32\MRT
      2017-10-21 03:05 - 2013-03-21 21:08 - 124059592 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe
      2017-10-20 16:10 - 2017-01-23 12:17 - 000000000 ____D C:\ProgramData\AVAST Software
      2017-10-20 15:18 - 2009-07-13 23:04 - 000000215 _____ C:\windows\system.ini
      2017-10-09 04:14 - 2014-05-01 15:14 - 000000000 ____D C:\Users\Invitado
      2017-10-09 03:56 - 2017-02-05 15:22 - 000000000 ____D C:\Users\Invitado\5sos
      2017-10-07 18:17 - 2017-06-09 21:40 - 000000000 _____ C:\windows\system32\last.dump
      2017-10-06 15:00 - 2017-01-22 17:11 - 000000000 ____D C:\ProgramData\Malwarebytes
      2017-10-04 19:40 - 2017-02-20 02:48 - 000000000 ____D C:\Users\Invitado\AppData\Local\Spotify
      2017-10-04 14:04 - 2013-12-20 23:21 - 000000000 ____D C:\Program Files\Google
      2017-10-03 16:10 - 2012-11-28 10:09 - 000000000 ____D C:\Users\camila
      2017-10-03 16:05 - 2013-02-19 23:24 - 000000000 ____D C:\Users\camila\AppData\Roaming\SoftGrid Client
      2017-09-29 23:24 - 2016-02-21 22:50 - 000000000 ____D C:\Users\camila\Documents\UNICEN

      ==================== Files in the root of some directories =======

      2015-01-30 18:36 - 2015-01-30 18:45 - 000007887 _____ () C:\Users\camila\AppData\Roaming\pcouffin.cat
      2015-01-30 18:36 - 2015-01-30 18:45 - 000001144 _____ () C:\Users\camila\AppData\Roaming\pcouffin.inf
      2015-01-30 18:36 - 2015-01-30 18:45 - 000000055 _____ () C:\Users\camila\AppData\Roaming\pcouffin.log
      2017-08-28 11:54 - 2017-08-28 11:54 - 000000000 ____H () C:\Users\camila\AppData\Local\BIT1A53.tmp
      2014-04-07 16:30 - 2014-04-07 16:47 - 000019456 _____ () C:\Users\camila\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
      2013-06-25 23:34 - 2014-02-16 15:42 - 000007596 _____ () C:\Users\camila\AppData\Local\Resmon.ResmonCfg
      2017-08-28 11:53 - 2017-08-28 11:53 - 000000000 _____ () C:\Users\camila\AppData\Local\{7F529EDC-0003-47F9-B8CD-988BC4E7CDE7}
      2015-01-13 16:21 - 2017-01-23 12:42 - 000003430 _____ () C:\ProgramData\hpzinstall.log

      ==================== Bamital & volsnap ======================

      (There is no automatic fix for files that do not pass verification.)

      C:\windows\explorer.exe => File is digitally signed
      C:\windows\system32\winlogon.exe => File is digitally signed
      C:\windows\system32\wininit.exe => File is digitally signed
      C:\windows\system32\svchost.exe => File is digitally signed
      C:\windows\system32\services.exe => File is digitally signed
      C:\windows\system32\User32.dll => File is digitally signed
      C:\windows\system32\userinit.exe => File is digitally signed
      C:\windows\system32\rpcss.dll => File is digitally signed
      C:\windows\system32\dnsapi.dll => File is digitally signed
      C:\windows\system32\Drivers\volsnap.sys => File is digitally signed

      LastRegBack: 2017-10-21 16:13

      ==================== End of FRST.txt ============================

    4. #14
      Usuario Avatar de Camila06
      Registrado
      sep 2017
      Ubicación
      Argentina
      Mensajes
      12

      Re: Protección contra spyware y software no deseado desactivada

      Additional scan result of Farbar Recovery Scan Tool (x86) Version: 26-10-2017
      Ran by camila (25-10-2017 20:55:10)
      Running from C:\Users\camila\Desktop
      Windows 7 Home Basic Service Pack 1 (X86) (2012-11-28 13:09:04)
      Boot Mode: Normal
      ==========================================================


      ==================== Accounts: =============================

      Administrador (S-1-5-21-2830203645-438559757-2077044639-500 - Administrator - Disabled)
      camila (S-1-5-21-2830203645-438559757-2077044639-1000 - Administrator - Enabled) => C:\Users\camila
      Invitado (S-1-5-21-2830203645-438559757-2077044639-501 - Limited - Enabled) => C:\Users\Invitado

      ==================== Security Center ========================

      (If an entry is included in the fixlist, it will be removed.)


      ==================== Installed Programs ======================

      (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

      . . . (HKLM\...\{2394186A-5445-4293-B739-352009350342}) (Version: 3.0.0.9 - Intel) Hidden
      32 Bit HP CIO Components Installer (HKLM\...\{A80FA752-C491-4ED9-ABF0-4278563160B2}) (Version: 7.1.8 - Hewlett-Packard) Hidden
      7-Zip 16.04 (HKLM\...\{23170F69-40C1-2701-1604-000001000000}) (Version: 16.04.00.0 - Igor Pavlov)
      7-Zip 9.22beta (HKLM\...\7-Zip) (Version: - )
      Adobe Acrobat Reader DC - Español (HKLM\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 17.012.20098 - Adobe Systems Incorporated)
      Adobe Digital Editions 2.0 (HKLM\...\Adobe Digital Editions 2.0) (Version: 2.0.1 - Adobe Systems Incorporated)
      Adobe Flash Player 26 PPAPI (HKLM\...\Adobe Flash Player PPAPI) (Version: 26.0.0.151 - Adobe Systems Incorporated)
      Adobe Shockwave Player 12.2 (HKLM\...\Adobe Shockwave Player) (Version: 12.2.5.195 - Adobe Systems, Inc.)
      Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 17.7.2314 - AVAST Software)
      BufferChm (HKLM\...\{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}) (Version: 130.0.331.000 - Hewlett-Packard) Hidden
      C4400 (HKLM\...\{B1E33614-25CC-4C2A-8CBA-88B51ABF67E0}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden
      CCleaner (HKLM\...\CCleaner) (Version: 5.35 - Piriform)
      Cisco EAP-FAST Module (HKLM\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
      Cisco LEAP Module (HKLM\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
      Cisco PEAP Module (HKLM\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
      Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation)
      Copy (HKLM\...\{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}) (Version: 130.0.428.000 - Hewlett-Packard) Hidden
      D3DX10 (HKLM\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
      Destinations (HKLM\...\{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}) (Version: 130.0.0.0 - Hewlett-Packard) Hidden
      DeviceDiscovery (HKLM\...\{2FF8C687-DB7D-4adc-A5DC-57983EC25046}) (Version: 130.0.465.000 - Hewlett-Packard) Hidden
      Driver 1.2 (HKLM\...\{BA56CD60-1D9F-4BE6-AC2F-B7C4A5437C35}) (Version: 1.2 - OEM)
      Driver Booster 3.5 (HKLM\...\Driver Booster_is1) (Version: 3.5 - IObit)
      ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version: - )
      Galería fotográfica de Windows Live (HKLM\...\{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
      GOM Player (HKLM\...\GOM Player) (Version: 2.3.8.5262 - Gretech Corporation)
      Google Chrome (HKLM\...\Google Chrome) (Version: 61.0.3163.100 - Google Inc.)
      Google Talk Plugin (HKLM\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google)
      Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
      GPBaseService2 (HKLM\...\{63FF21C9-A810-464F-B60A-3111747B1A6D}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
      Hacer clic y ejecutar de Microsoft Office 2010 (HKLM\...\{90140000-006D-0C0A-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
      Hacer clic y ejecutar de Microsoft Office 2010 (HKLM\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
      HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
      HP Photo Creations (HKU\S-1-5-21-2830203645-438559757-2077044639-1000\...\HP Photo Creations) (Version: 1.0.0.22142 - HP)
      HP Photosmart C4400 All-In-One Driver Software 13.0 Rel. 3 (HKLM\...\{8181C5B7-2FF5-4677-BA6A-8E2C3F5A7601}) (Version: 13.0 - HP)
      HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
      HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
      HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
      HPDiagnosticAlert (HKLM\...\{B6465A32-8BE9-4B38-ADC5-4B4BDDC10B0D}) (Version: 1.00.0001 - Microsoft) Hidden
      HPPhotoGadget (HKLM\...\{CAE4213F-F797-439D-BD9E-79B71D115BE3}) (Version: 130.0.282.000 - Hewlett-Packard) Hidden
      HPProductAssistant (HKLM\...\{C43326F5-F135-4551-8270-7F7ABA0462E1}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
      Human Anatomy Atlas version 7.4.01 (HKLM\...\{0DDE4272-3433-4C74-ADA6-72350805D612}_is1) (Version: 7.4.01 - Visible Body - m!DVT)
      IDT Audio (HKLM\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6289.0 - IDT)
      ImgBurn (HKLM\...\ImgBurn) (Version: 2.5.5.0 - LIGHTNING UK!)
      Intel(R) Graphics Media Accelerator Driver (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2413 - Intel Corporation)
      Intel(R) Rapid Storage Technology (HKLM\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation)
      Intel® Driver & Support Assistant (HKLM\...\{01f3f6b8-1a81-4b10-b51f-f69af12e1d69}) (Version: 3.0.0.9 - Intel)
      IPM 1.6 (HKLM\...\{AADF4228-0772-4D43-92EB-B245E3A17B00}) (Version: 1.6 - OEM)
      Java 7 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
      JMicron Ethernet Adapter NDIS Driver (HKLM\...\{96DCEE2F-98EE-4F80-8C0F-7C04D1FB9D7F}) (Version: 6.0.17.1 - JMicron Technology Corp.)
      JMicron Flash Media Controller Driver (HKLM\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.45.0 - JMicron Technology Corp.)
      Junk Mail filter update (HKLM\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
      LG United Mobile Driver (HKLM\...\{2A3A4BD6-6CE0-4E2A-80D2-1D0FF6ACBFBA}) (Version: 3.8.1 - LG Electronics)
      Mesh Runtime (HKLM\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
      Messenger Companion (HKLM\...\{939C80FA-96C9-44A6-B318-8E7D8BD8481B}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
      Microsoft .NET Framework 4.7 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.7.02053 - Microsoft Corporation)
      Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
      Microsoft Office 2010 (HKLM\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
      Microsoft Office Home and Student 2010 (HKLM\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
      Microsoft Office Starter 2010 - Español (HKLM\...\{90140011-0066-0C0A-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
      Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
      Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
      Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
      Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 (HKLM\...\{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}) (Version: 9.0.21022.218 - Microsoft Corporation)
      Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
      Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
      Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
      Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
      Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
      MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
      MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
      OSD 1.7 (HKLM\...\{5A9C96FE-1376-45E1-8556-C81255F0B5A7}) (Version: 1.7 - OEM)
      Paquete de idioma de Microsoft Visual Studio 2010 Tools para Office Runtime (x86) - ESN (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - ESN) (Version: 10.0.50903 - Microsoft Corporation)
      PhotoScape (HKLM\...\PhotoScape) (Version: - )
      Pivot Animator version 4.2.6 (HKLM\...\Pivot Animator_is1) (Version: 4.2.6 - Motus Software Ltd)
      PS_AIO_03_C4400_Software_Min (HKLM\...\{7E5A8023-0E90-4503-A1EA-C9FC25680AF9}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden
      REALTEK Wireless LAN Driver (HKLM\...\{9D3D8C60-A55F-4123-B2B9-173F09590E16}) (Version: 1.00.0180 - REALTEK Semiconductor Corp.)
      Samsung_MonSetup (HKLM\...\{8EA79DBF-D637-448A-89D6-410A087A4493}) (Version: 1.00.0000 - Samsung)
      Scan (HKLM\...\{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}) (Version: 13.0.0.0 - Hewlett-Packard) Hidden
      Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
      SmartWebPrinting (HKLM\...\{DC635845-46D3-404B-BCB1-FC4A91091AFA}) (Version: 130.0.457.000 - Hewlett-Packard) Hidden
      SolutionCenter (HKLM\...\{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}) (Version: 130.0.373.000 - Hewlett-Packard) Hidden
      Spotify (HKU\S-1-5-21-2830203645-438559757-2077044639-1000\...\Spotify) (Version: 1.0.64.399.g4637b02a - Spotify AB)
      Status (HKLM\...\{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}) (Version: 130.0.469.000 - Hewlett-Packard) Hidden
      swMSM (HKLM\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
      Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.12.0 - Synaptics Incorporated)
      Toolbox (HKLM\...\{6BBA26E9-AB03-4FE7-831A-3535584CA002}) (Version: 130.0.648.000 - Hewlett-Packard) Hidden
      TrayApp (HKLM\...\{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}) (Version: 130.0.422.000 - Hewlett-Packard) Hidden
      Unity Web Player (HKU\S-1-5-21-2830203645-438559757-2077044639-1000\...\UnityWebPlayer) (Version: 5.3.8f1 - Unity Technologies ApS)
      UnloadSupport (HKLM\...\{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}) (Version: 11.0.0 - Hewlett-Packard) Hidden
      WebReg (HKLM\...\{43CDF946-F5D9-4292-B006-BA0D92013021}) (Version: 130.0.132.017 - Hewlett-Packard) Hidden
      Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
      Windows Movie Maker 2.6 (HKLM\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation)

      ==================== Custom CLSID (Whitelisted): ==========================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      CustomCLSID: HKU\S-1-5-21-2830203645-438559757-2077044639-1000_Classes\CLSID\{00EEBF57-477D-4084-9921-7AB3C2C9459D}\InprocServer32 -> no filepath
      CustomCLSID: HKU\S-1-5-21-2830203645-438559757-2077044639-1000_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\camila\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
      CustomCLSID: HKU\S-1-5-21-2830203645-438559757-2077044639-1000_Classes\CLSID\{08244EE6-92F0-47F2-9FC9-929BAA2E7235}\InprocServer32 -> no filepath
      CustomCLSID: HKU\S-1-5-21-2830203645-438559757-2077044639-1000_Classes\CLSID\{0E5AAE11-A475-4C5B-AB00-C66DE400274E}\InprocServer32 -> no filepath
      CustomCLSID: HKU\S-1-5-21-2830203645-438559757-2077044639-1000_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\camila\AppData\Local\Google\Update\1.3.33.5\psuser.dll (Google Inc.)
      CustomCLSID: HKU\S-1-5-21-2830203645-438559757-2077044639-1000_Classes\CLSID\{1F486A52-3CB1-48FD-8F50-B8DC300D9F9D}\InprocServer32 -> no filepath
      CustomCLSID: HKU\S-1-5-21-2830203645-438559757-2077044639-1000_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\camila\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateOnDemand.exe (Google Inc.)
      CustomCLSID: HKU\S-1-5-21-2830203645-438559757-2077044639-1000_Classes\CLSID\{23170F69-40C1-278A-1000-000100020000}\InprocServer32 -> C:\Program Files\7-Zip\7-zip.dll (Igor Pavlov)
      CustomCLSID: HKU\S-1-5-21-2830203645-438559757-2077044639-1000_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\camila\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateOnDemand.exe (Google Inc.)
      CustomCLSID: HKU\S-1-5-21-2830203645-438559757-2077044639-1000_Classes\CLSID\{39125640-8D80-11DC-A2FE-C5C455D89593}\InprocServer32 -> C:\Users\camila\AppData\Local\Google\Google Talk Plugin\googletalkax.dll (Google)
      CustomCLSID: HKU\S-1-5-21-2830203645-438559757-2077044639-1000_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\camila\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS)
      CustomCLSID: HKU\S-1-5-21-2830203645-438559757-2077044639-1000_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\camila\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateOnDemand.exe (Google Inc.)
      CustomCLSID: HKU\S-1-5-21-2830203645-438559757-2077044639-1000_Classes\CLSID\{76765B11-3F95-4AF2-AC9D-EA55D8994F1A}\InprocServer32 -> no filepath
      CustomCLSID: HKU\S-1-5-21-2830203645-438559757-2077044639-1000_Classes\CLSID\{76D0CB12-7604-4048-B83C-1005C7DDC503}\InprocServer32 -> no filepath
      CustomCLSID: HKU\S-1-5-21-2830203645-438559757-2077044639-1000_Classes\CLSID\{9356e2bb-6c9a-43c0-a771-5cacbdab6afe}\InprocServer32 -> C:\Users\camila\AppData\Roaming\HP Photo Creations\RLPNUpload.dll (RocketLife)
      CustomCLSID: HKU\S-1-5-21-2830203645-438559757-2077044639-1000_Classes\CLSID\{A10E0335-AFCA-4E7E-975F-CA30235FB29A}\InprocServer32 -> C:\Users\camila\AppData\Roaming\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)
      CustomCLSID: HKU\S-1-5-21-2830203645-438559757-2077044639-1000_Classes\CLSID\{A4A1A128-768F-41E0-BF75-E4FDDD701CBA}\InprocServer32 -> no filepath
      CustomCLSID: HKU\S-1-5-21-2830203645-438559757-2077044639-1000_Classes\CLSID\{AB9F4455-E591-4132-A386-0B91EAEDB96C}\InprocServer32 -> C:\Users\camila\AppData\Local\Google\Google Talk Plugin\o1dax.dll (Google)
      CustomCLSID: HKU\S-1-5-21-2830203645-438559757-2077044639-1000_Classes\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}\InprocServer32 -> no filepath
      CustomCLSID: HKU\S-1-5-21-2830203645-438559757-2077044639-1000_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\camila\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll (Google Inc.)
      CustomCLSID: HKU\S-1-5-21-2830203645-438559757-2077044639-1000_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\camila\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll (Google Inc.)
      CustomCLSID: HKU\S-1-5-21-2830203645-438559757-2077044639-1000_Classes\CLSID\{cc05a616-ddb3-4cc0-9a21-dc0e9962b444}\InprocServer32 -> C:\Users\camila\AppData\Roaming\HP Photo Creations\ContentMan.dll (RocketLife)
      CustomCLSID: HKU\S-1-5-21-2830203645-438559757-2077044639-1000_Classes\CLSID\{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}\InprocServer32 -> no filepath
      CustomCLSID: HKU\S-1-5-21-2830203645-438559757-2077044639-1000_Classes\CLSID\{DFFACDC5-679F-4156-8947-C5C76BC0B67F}\InprocServer32 -> no filepath
      CustomCLSID: HKU\S-1-5-21-2830203645-438559757-2077044639-1000_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\camila\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateOnDemand.exe (Google Inc.)
      CustomCLSID: HKU\S-1-5-21-2830203645-438559757-2077044639-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\camila\AppData\Local\Google\Update\1.3.33.5\psuser.dll (Google Inc.)
      CustomCLSID: HKU\S-1-5-21-2830203645-438559757-2077044639-1000_Classes\CLSID\{F562A2C8-E850-4F05-8E7A-E7192E4E6C23}\InprocServer32 -> no filepath
      CustomCLSID: HKU\S-1-5-21-2830203645-438559757-2077044639-1000_Classes\CLSID\{ff280b55-14f1-49ae-b40f-15f5294ce630}\InprocServer32 -> C:\Users\camila\AppData\Roaming\HP Photo Creations\RocketEngine.dll (Visan inc.)
      CustomCLSID: HKU\S-1-5-21-2830203645-438559757-2077044639-1000_Classes\CLSID\{FFE2A43C-56B9-4BF5-9A79-CC6D4285608A}\InprocServer32 -> no filepath
      ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => -> No File
      ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => -> No File
      ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => -> No File
      ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2017-10-21] (AVAST Software)
      ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
      ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2017-10-21] (AVAST Software)
      ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2017-10-21] (AVAST Software)
      ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
      ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\windows\system32\igfxpph.dll [2011-06-03] (Intel Corporation)
      ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
      ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2017-10-21] (AVAST Software)

      ==================== Scheduled Tasks (Whitelisted) =============

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      Task: {08BA60B2-F623-4496-BC0A-88A4244A6CCB} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files\Norton Internet Security\Engine\22.8.1.14\SymErr.exe
      Task: {35094ED6-6F07-4BDB-8B6D-9FF2E0B01FCD} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2830203645-438559757-2077044639-1000Core => C:\Users\camila\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
      Task: {416A2F4A-2DCB-46FD-846B-9C6F078130FA} - System32\Tasks\HP Photo Creations Communicator => C:\Users\camila\AppData\Roaming\HP Photo Creations\Communicator.exe [2017-01-27] ()
      Task: {4FAE93D8-3D20-4064-873E-42D7AEDB55CD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2017-08-21] (Google Inc.)
      Task: {5DC18663-0C76-4D90-A133-859314533D89} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-10-21] (AVAST Software)
      Task: {6146C578-A793-4054-8E88-FA05D4AA26C2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2017-08-21] (Google Inc.)
      Task: {89267F3B-1CEB-41C0-9B95-A4FA22E8E81D} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\windows\system32\Macromed\Flash\FlashUtil32_26_0_0_151_pepper.exe [2017-08-21] (Adobe Systems Incorporated)
      Task: {92C050D6-AA7F-45E7-999D-1B6BFD9F05CA} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-09-20] (Piriform Ltd)
      Task: {97E16031-5BFD-49D9-A370-B3A4100460B7} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files\Norton Internet Security\Engine\22.8.1.14\SymErr.exe
      Task: {AC364A68-5F16-4AA6-BB33-8BE34085028D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-19] (Adobe Systems Incorporated)
      Task: {AD6EF9E5-A3FE-42AB-A61E-B71862721B16} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Internet Security\Upgrade.exe [2016-11-12] (Symantec Corporation)
      Task: {B1A00214-0E78-499E-A57B-A463C04FF149} - \WPD\SqmUpload_S-1-5-21-2830203645-438559757-2077044639-500 -> No File <==== ATTENTION
      Task: {C18E4892-0D02-47A4-9C0A-5CBBF8B58F45} - \{7EDEFC30-8E44-4786-AED0-79CA358B239A} -> No File <==== ATTENTION
      Task: {C1C50198-C6B2-4CFA-8F83-5C17F3740F8F} - \{7DF6ABF8-25A9-433C-B4F0-5F702DD0E0D1} -> No File <==== ATTENTION
      Task: {D050B50A-B354-47E2-8F4E-C8384F98BE73} - \SidebarExecute -> No File <==== ATTENTION
      Task: {E02B6CB6-9EE4-49FC-8CCD-21824D47A52D} - \Norton WSC Integration -> No File <==== ATTENTION
      Task: {E134BDA2-AC6B-402D-AC30-604F03985D65} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2830203645-438559757-2077044639-1000UA => C:\Users\camila\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
      Task: {E786A76E-EE65-4C44-B782-1BF5C943AACC} - System32\Tasks\Adobe Flash Player Updater => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2017-08-21] (Adobe Systems Incorporated)

      (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

      Task: C:\windows\Tasks\HP Photo Creations Communicator.job => C:\Users\camila\AppData\Roaming\HP Photo Creations\Communicator.exe

      ==================== Shortcuts & WMI ========================

      (The entries could be listed to be restored or removed.)


      Shortcut: C:\Users\camila\Favorites\Sitio para descargas de NCH Software.lnk -> hxxp://www.nch.com.au/es/index.htm

      ==================== Loaded Modules (Whitelisted) ==============

      2017-10-21 14:56 - 2017-10-21 14:56 - 000059040 _____ () C:\Program Files\AVAST Software\Avast\module_lifetime.dll
      2017-10-21 14:56 - 2017-10-21 14:56 - 000167096 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
      2017-10-21 14:56 - 2017-10-21 14:56 - 000217088 _____ () C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll
      2017-10-21 14:56 - 2017-10-21 14:56 - 000244584 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
      2017-10-21 14:56 - 2017-10-21 14:56 - 000151104 _____ () C:\Program Files\AVAST Software\Avast\network_notifications.dll
      2017-10-23 14:26 - 2017-10-23 14:26 - 005882040 _____ () C:\Program Files\AVAST Software\Avast\defs\17102302\algo.dll
      2017-10-21 14:56 - 2017-10-21 14:56 - 000700656 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
      2017-10-21 14:56 - 2017-10-21 14:56 - 000241448 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
      2017-09-15 21:30 - 2017-09-15 21:30 - 000170496 _____ () C:\windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\2b5f4a6496e65d431698f64ba7160604\IsdiInterop.ni.dll
      2011-10-19 18:13 - 2010-03-03 20:08 - 000058880 _____ () C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
      2017-10-21 14:56 - 2017-10-21 14:56 - 000142792 _____ () c:\Program Files\AVAST Software\Avast\vaarclient.dll
      2011-10-19 17:58 - 2011-05-05 10:29 - 000021504 _____ () C:\Program Files\Positivo BGH\Positivo BGH Experience\Positivo BGH Audio Power\CustomWindow.dll
      2011-10-19 17:58 - 2011-05-25 16:29 - 000192000 _____ () C:\Program Files\Positivo BGH\Positivo BGH Experience\Positivo BGH Audio Power\LibSoundManager.dll
      2017-10-21 14:56 - 2017-10-21 14:56 - 067109376 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
      2017-10-21 14:56 - 2017-10-21 14:56 - 000234280 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll

      ==================== Alternate Data Streams (Whitelisted) =========

      (If an entry is included in the fixlist, only the ADS will be removed.)


      ==================== Safe Mode (Whitelisted) ===================

      (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)


      ==================== Association (Whitelisted) ===============

      (If an entry is included in the fixlist, the registry item will be restored to default or removed.)

      HKU\S-1-5-21-2830203645-438559757-2077044639-1000\Software\Classes\.scr: => <==== ATTENTION
      HKU\S-1-5-21-2830203645-438559757-2077044639-1000\Software\Classes\.bat: batfile => <==== ATTENTION
      HKU\S-1-5-21-2830203645-438559757-2077044639-1000\Software\Classes\.com: ComFile => <==== ATTENTION
      HKU\S-1-5-21-2830203645-438559757-2077044639-1000\Software\Classes\.cmd: cmdfile => <==== ATTENTION
      HKU\S-1-5-21-2830203645-438559757-2077044639-1000\Software\Classes\.reg: => <==== ATTENTION

      ==================== Internet Explorer trusted/restricted ===============

      (If an entry is included in the fixlist, it will be removed from the registry.)


      ==================== Hosts content: ===============================

      (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

      2009-07-13 23:04 - 2017-10-20 15:18 - 000000027 _____ C:\windows\system32\Drivers\etc\hosts

      127.0.0.1 localhost

      ==================== Other Areas ============================

      (Currently there is no automatic fix for this section.)

      HKU\S-1-5-21-2830203645-438559757-2077044639-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\camila\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
      DNS Servers: 192.168.96.4 - 192.168.96.1
      HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: )
      Windows Firewall is enabled.

      ==================== MSCONFIG/TASK MANAGER disabled items ==

      MSCONFIG\Services: AdobeARMservice => 2
      MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
      MSCONFIG\Services: AntiVirMailService => 2
      MSCONFIG\Services: AntiVirSchedulerService => 2
      MSCONFIG\Services: AntiVirService => 2
      MSCONFIG\Services: AntiVirWebService => 2
      MSCONFIG\Services: Avira.ServiceHost => 2
      MSCONFIG\Services: BatteryManagerSrv => 2
      MSCONFIG\Services: cmcore => 2
      MSCONFIG\Services: gupdate => 2
      MSCONFIG\Services: gupdatem => 3
      MSCONFIG\Services: IAStorDataMgrSvc => 2
      MSCONFIG\Services: STacSV => 2
      MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^OSD.lnk => C:\windows\pss\OSD.lnk.CommonStartup
      MSCONFIG\startupreg: GoogleChromeAutoLaunch_6A2B435AD68292963E66E188FD9BC54F => "C:\Program Files\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
      MSCONFIG\startupreg: HP Software Update => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
      MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\camila\AppData\Roaming\Spotify\SpotifyWebHelper.exe"

      ==================== FirewallRules (Whitelisted) ===============

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      FirewallRules: [WMP-Out-TCP-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe
      FirewallRules: [WMP-Out-UDP-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe
      FirewallRules: [WMP-In-UDP-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe
      FirewallRules: [TCP Query User{F011CB9C-3333-49B7-8BEE-72EC9104DF6D}C:\program files\google\chrome\application\chrome.exe] => (Allow) C:\program files\google\chrome\application\chrome.exe
      FirewallRules: [UDP Query User{BD247D01-2152-4A52-8ED2-E206F02541EA}C:\program files\google\chrome\application\chrome.exe] => (Allow) C:\program files\google\chrome\application\chrome.exe
      FirewallRules: [TCP Query User{97081A64-3626-4EA8-9E4D-72FE91DEC533}C:\program files\google\chrome\application\chrome.exe] => (Block) C:\program files\google\chrome\application\chrome.exe
      FirewallRules: [UDP Query User{A8C8053E-AABE-4041-8FBC-BE05C6E71E82}C:\program files\google\chrome\application\chrome.exe] => (Block) C:\program files\google\chrome\application\chrome.exe
      FirewallRules: [{23006452-F803-493C-B646-A8A0388D6E5B}] => (Allow) C:\Program Files\IObit\Driver Booster\DriverBooster.exe
      FirewallRules: [{A1F3BC6F-5472-41D5-A106-F451C472A21F}] => (Allow) C:\Program Files\IObit\Driver Booster\DriverBooster.exe
      FirewallRules: [{AE6C0BE8-48EF-47F8-A8C2-588B51EBC580}] => (Allow) C:\Program Files\IObit\Driver Booster\DBDownloader.exe
      FirewallRules: [{F2728918-69A6-4EAE-8BBB-44FA6B432626}] => (Allow) C:\Program Files\IObit\Driver Booster\DBDownloader.exe
      FirewallRules: [{C6159FFB-8866-4990-9DCC-903105D961D3}] => (Allow) C:\Program Files\IObit\Driver Booster\AutoUpdate.exe
      FirewallRules: [{F52F4328-E145-47D2-B088-E05B74186130}] => (Allow) C:\Program Files\IObit\Driver Booster\AutoUpdate.exe
      FirewallRules: [{BC99B448-91F5-476D-B872-0AE63854CA73}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe

      ==================== Restore Points =========================

      Could not list restore points
      Check "winmgmt" service or repair WMI.


      ==================== Faulty Device Manager Devices =============

      Could not list Devices. Check "winmgmt" service or repair WMI.


      ==================== Event log errors: =========================

      Application errors:
      ==================
      Error: (10/25/2017 08:45:50 PM) (Source: CVHSVC) (EventID: 100) (User: )
      Description: Solo información.
      (Stream product id=0x0066): Streaming Failed

      Error: (10/25/2017 08:43:46 PM) (Source: CVHSVC) (EventID: 100) (User: )
      Description: Solo información.
      Too many failures while downloading ranges: 2

      Error: (10/25/2017 08:37:57 PM) (Source: SecurityCenter) (EventID: 3) (User: )
      Description: El Servicio de Centro de seguridad de Windows no pudo establecer consultas de eventos con WMI para supervisar programas antivirus, anti spyware y firewalls de terceros.

      Error: (10/25/2017 08:37:32 PM) (Source: WinMgmt) (EventID: 28) (User: )
      Description: No se pueden inicializar los archivos principales de WMI o el subsistema del proveedor o el subsistema del evento. Número de error: 0x80041002. Esto puede ser porque la versión de WMI está mal instalada, hay un error en la actualización del repositorio, o el espacio en disco o la memoria es insuficiente.

      Error: (10/24/2017 05:00:38 PM) (Source: CVHSVC) (EventID: 100) (User: )
      Description: Solo información.
      (Stream product id=0x0066): Streaming Failed

      Error: (10/24/2017 04:58:01 PM) (Source: CVHSVC) (EventID: 100) (User: )
      Description: Solo información.
      Too many failures while downloading ranges: 2

      Error: (10/24/2017 04:54:45 PM) (Source: SecurityCenter) (EventID: 3) (User: )
      Description: El Servicio de Centro de seguridad de Windows no pudo establecer consultas de eventos con WMI para supervisar programas antivirus, anti spyware y firewalls de terceros.

      Error: (10/24/2017 04:54:08 PM) (Source: WinMgmt) (EventID: 28) (User: )
      Description: No se pueden inicializar los archivos principales de WMI o el subsistema del proveedor o el subsistema del evento. Número de error: 0x80041002. Esto puede ser porque la versión de WMI está mal instalada, hay un error en la actualización del repositorio, o el espacio en disco o la memoria es insuficiente.

      Error: (10/24/2017 12:06:20 AM) (Source: CVHSVC) (EventID: 100) (User: )
      Description: Solo información.
      (Stream product id=0x0066): Streaming Failed

      Error: (10/24/2017 12:05:50 AM) (Source: CVHSVC) (EventID: 100) (User: )
      Description: Solo información.
      Too many failures while downloading ranges: 2


      System errors:
      =============
      Error: (10/25/2017 08:37:56 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
      Description: El siguiente controlador de inicio del sistema o de inicio del arranque no se cargó correctamente:
      ESProtectionDriver

      Error: (10/25/2017 08:37:03 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
      Description: El módulo de extensibilidad de WLAN no se pudo iniciar.

      Ruta de acceso del módulo: C:\windows\system32\Rtlihvs.dll
      Código de error: 126

      Error: (10/24/2017 04:54:40 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
      Description: El siguiente controlador de inicio del sistema o de inicio del arranque no se cargó correctamente:
      ESProtectionDriver

      Error: (10/24/2017 04:53:40 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
      Description: El módulo de extensibilidad de WLAN no se pudo iniciar.

      Ruta de acceso del módulo: C:\windows\system32\Rtlihvs.dll
      Código de error: 126

      Error: (10/24/2017 12:05:10 AM) (Source: DCOM) (EventID: 10016) (User: camila-PC-00)
      Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID
      {8BC3F05E-D86B-11D0-A075-00C04FB68820}
      y APPID
      {8BC3F05E-D86B-11D0-A075-00C04FB68820}
      al usuario camila-PC-00\Invitado con SID (S-1-5-21-2830203645-438559757-2077044639-501) en la dirección LocalHost (con LRPC). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

      Error: (10/24/2017 12:04:20 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
      Description: El siguiente controlador de inicio del sistema o de inicio del arranque no se cargó correctamente:
      ESProtectionDriver

      Error: (10/24/2017 12:04:16 AM) (Source: DCOM) (EventID: 10016) (User: camila-PC-00)
      Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID
      {8BC3F05E-D86B-11D0-A075-00C04FB68820}
      y APPID
      {8BC3F05E-D86B-11D0-A075-00C04FB68820}
      al usuario camila-PC-00\Invitado con SID (S-1-5-21-2830203645-438559757-2077044639-501) en la dirección LocalHost (con LRPC). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

      Error: (10/24/2017 12:03:11 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
      Description: El módulo de extensibilidad de WLAN no se pudo iniciar.

      Ruta de acceso del módulo: C:\windows\system32\Rtlihvs.dll
      Código de error: 126

      Error: (10/23/2017 10:34:29 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
      Description: El siguiente controlador de inicio del sistema o de inicio del arranque no se cargó correctamente:
      AFD
      aswbidsdriver
      aswbidsh
      aswblog
      aswbuniv
      aswRdr
      aswRvrt
      aswSnx
      aswSP
      aswVmm
      DfsC
      discache
      ESProtectionDriver
      HWiNFO32
      NetBIOS
      NetBT
      nsiproxy
      Psched
      rdbss
      spldr
      tdx
      vwififlt
      Wanarpv6
      WfpLwf
      ws2ifsl

      Error: (10/23/2017 10:34:29 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
      Description: El servicio Client Virtualization Handler depende del servicio Application Virtualization Client, el cual no pudo iniciarse debido al siguiente error:
      No se puede iniciar el servicio o grupo de dependencia.


      CodeIntegrity:
      ===================================
      Date: 2016-09-18 00:28:57.893
      Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\BASHDefs\20130301.001\BHDrvx86.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

      Date: 2016-09-18 00:28:57.612
      Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\System32\drivers\SYMEVENT.SYS porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

      Date: 2016-09-18 00:28:43.245
      Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\System32\drivers\aswKbd.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

      Date: 2016-09-18 00:28:41.264
      Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\System32\drivers\aswSnx.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

      Date: 2016-08-25 16:42:08.995
      Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\BASHDefs\20130301.001\BHDrvx86.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

      Date: 2016-08-25 16:42:08.714
      Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\System32\drivers\SYMEVENT.SYS porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

      Date: 2016-08-25 16:41:54.424
      Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\System32\drivers\aswKbd.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

      Date: 2016-08-25 16:41:52.927
      Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\System32\drivers\aswSnx.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

      Date: 2016-08-22 15:47:59.800
      Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\BASHDefs\20130301.001\BHDrvx86.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

      Date: 2016-08-22 15:47:59.534
      Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\System32\drivers\SYMEVENT.SYS porque el conjunto de hashes de imagen por página no se encuentra en el sistema.


      ==================== Memory info ===========================

      Processor: Pentium(R) Dual-Core CPU T4500 @ 2.30GHz
      Percentage of memory in use: 39%
      Total physical RAM: 3037.18 MB
      Available physical RAM: 1847.88 MB
      Total Virtual: 6072.68 MB
      Available Virtual: 4838.43 MB

      ==================== Drives ================================

      Drive c: (WIN7_OS) (Fixed) (Total:457.46 GB) (Free:263.92 GB) NTFS ==>[system with boot components (obtained from drive)]

      ==================== MBR & Partition Table ==================

      ========================================================
      Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: C0C814B6)
      Partition 1: (Active) - (Size=502 MB) - (Type=07 NTFS)
      Partition 2: (Not Active) - (Size=7.8 GB) - (Type=27)
      Partition 3: (Not Active) - (Size=457.5 GB) - (Type=07 NTFS)

      ==================== End of Addition.txt ============================

    5. #15
      Moderador
      Avatar de @MiguelRiaguel
      Registrado
      dic 2008
      Ubicación
      España
      Mensajes
      12.064

      Re: Protección contra spyware y software no deseado desactivada

      Ahora sigue estos pasos, MUY Importante ~ Realiza una copia de seguridad del registro:

      • Para hacerlo descarga >> DelFix.exe en tu escritorio.

        • Doble clic para ejecutarlo.(Si usas Windows Vista/7 u 8 presiona clic derecho y selecciona "Ejecutar como Administrador.")

        • Atención, ahora marca/selecciona únicamente la casilla "Create registry backup", las demás NO.

      • Pulsar en Run.

        Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.


      A continuación, ve a:

      Inicio >>> Ejecutar >>>Escribes notepad.exe.

      Ahora copia y pega estos archivos dentro del Notepad: (Se excluye la palabra código)

      Código:
      Start
      CreateRestorePoint:
      CloseProcesses:
      
      HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
      CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
      HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?bcutc=sp-006
      HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
      HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
      HKU\S-1-5-21-2830203645-438559757-2077044639-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
      HKU\S-1-5-21-2830203645-438559757-2077044639-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?bcutc=sp-006
      SearchScopes: HKLM -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
      SearchScopes: HKLM -> {7DFE3436-ECB4-4538-89D2-B78A653C4937} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MNMTDF&pc=MANM&src=IE-SearchBox
      SearchScopes: HKLM -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
      SearchScopes: HKU\S-1-5-21-2830203645-438559757-2077044639-1000 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
      SearchScopes: HKU\S-1-5-21-2830203645-438559757-2077044639-1000 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
      Toolbar: HKU\S-1-5-21-2830203645-438559757-2077044639-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
      U5 AppMgmt; C:\windows\system32\svchost.exe [20992 2009-07-13] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
      Task: {B1A00214-0E78-499E-A57B-A463C04FF149} - \WPD\SqmUpload_S-1-5-21-2830203645-438559757-2077044639-500 -> No File <==== ATTENTION
      Task: {C18E4892-0D02-47A4-9C0A-5CBBF8B58F45} - \{7EDEFC30-8E44-4786-AED0-79CA358B239A} -> No File <==== ATTENTION
      Task: {C1C50198-C6B2-4CFA-8F83-5C17F3740F8F} - \{7DF6ABF8-25A9-433C-B4F0-5F702DD0E0D1} -> No File <==== ATTENTION
      Task: {D050B50A-B354-47E2-8F4E-C8384F98BE73} - \SidebarExecute -> No File <==== ATTENTION
      Task: {E02B6CB6-9EE4-49FC-8CCD-21824D47A52D} - \Norton WSC Integration -> No File <==== ATTENTION
      HKU\S-1-5-21-2830203645-438559757-2077044639-1000\Software\Classes\.scr: => <==== ATTENTION
      HKU\S-1-5-21-2830203645-438559757-2077044639-1000\Software\Classes\.bat: batfile => <==== ATTENTION
      HKU\S-1-5-21-2830203645-438559757-2077044639-1000\Software\Classes\.com: ComFile => <==== ATTENTION
      HKU\S-1-5-21-2830203645-438559757-2077044639-1000\Software\Classes\.cmd: cmdfile => <==== ATTENTION
      HKU\S-1-5-21-2830203645-438559757-2077044639-1000\Software\Classes\.reg: => <==== ATTENTION
      
      CMD:  ipconfig /release 
      CMD:  ipconfig /renew 
      CMD:  ipconfig /flushdns 
      CMD:  ipconfig /registerdns
      RemoveProxy:
      EmptyTemp:
      Hosts:
      end
      • Lo guardas bajo el nombre de fixlist.txt en el escritorio <<< Esto es muy importante.
      Nota: Es necesario que el ejecutable Frst.exe y fixlist.txt se encuentren en la misma ubicación (escritorio) o si no la herramienta no trabajara.


      • Ejecutas Frst.exe.
      • Presionas el botón Fix y aguardas a que termine.
      • La Herramienta guardara el reporte en tu escritorio (Fixlog.txt).
      • Lo pegas en tu próxima respuesta.


      Reinicias el equipo y comentas como sigue funcionando todo.
      Saludos.
      El problema de los virus es pasajero y durará un par de años / John McAfee - fundador de McAfee

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    6. #16
      Usuario Avatar de Camila06
      Registrado
      sep 2017
      Ubicación
      Argentina
      Mensajes
      12

      Re: Protección contra spyware y software no deseado desactivada

      Fix result of Farbar Recovery Scan Tool (x86) Version: 26-10-2017
      Ran by camila (28-10-2017 12:47:30) Run:1
      Running from C:\Users\camila\Desktop
      Loaded Profiles: camila (Available Profiles: camila & Invitado)
      Boot Mode: Normal

      ==============================================

      fixlist content:
      *****************
      Start
      CreateRestorePoint:
      CloseProcesses:

      HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
      CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
      HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?bcutc=sp-006
      HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
      HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
      HKU\S-1-5-21-2830203645-438559757-2077044639-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
      HKU\S-1-5-21-2830203645-438559757-2077044639-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?bcutc=sp-006
      SearchScopes: HKLM -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
      SearchScopes: HKLM -> {7DFE3436-ECB4-4538-89D2-B78A653C4937} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MNMTDF&pc=MANM&src=IE-SearchBox
      SearchScopes: HKLM -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
      SearchScopes: HKU\S-1-5-21-2830203645-438559757-2077044639-1000 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
      SearchScopes: HKU\S-1-5-21-2830203645-438559757-2077044639-1000 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
      Toolbar: HKU\S-1-5-21-2830203645-438559757-2077044639-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
      U5 AppMgmt; C:\windows\system32\svchost.exe [20992 2009-07-13] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
      Task: {B1A00214-0E78-499E-A57B-A463C04FF149} - \WPD\SqmUpload_S-1-5-21-2830203645-438559757-2077044639-500 -> No File <==== ATTENTION
      Task: {C18E4892-0D02-47A4-9C0A-5CBBF8B58F45} - \{7EDEFC30-8E44-4786-AED0-79CA358B239A} -> No File <==== ATTENTION
      Task: {C1C50198-C6B2-4CFA-8F83-5C17F3740F8F} - \{7DF6ABF8-25A9-433C-B4F0-5F702DD0E0D1} -> No File <==== ATTENTION
      Task: {D050B50A-B354-47E2-8F4E-C8384F98BE73} - \SidebarExecute -> No File <==== ATTENTION
      Task: {E02B6CB6-9EE4-49FC-8CCD-21824D47A52D} - \Norton WSC Integration -> No File <==== ATTENTION
      HKU\S-1-5-21-2830203645-438559757-2077044639-1000\Software\Classes\.scr: => <==== ATTENTION
      HKU\S-1-5-21-2830203645-438559757-2077044639-1000\Software\Classes\.bat: batfile => <==== ATTENTION
      HKU\S-1-5-21-2830203645-438559757-2077044639-1000\Software\Classes\.com: ComFile => <==== ATTENTION
      HKU\S-1-5-21-2830203645-438559757-2077044639-1000\Software\Classes\.cmd: cmdfile => <==== ATTENTION
      HKU\S-1-5-21-2830203645-438559757-2077044639-1000\Software\Classes\.reg: => <==== ATTENTION

      CMD: ipconfig /release
      CMD: ipconfig /renew
      CMD: ipconfig /flushdns
      CMD: ipconfig /registerdns
      RemoveProxy:
      EmptyTemp:
      Hosts:
      end
      *****************

      Restore point was successfully created.
      Processes closed successfully.
      HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => key removed successfully.
      HKLM\SOFTWARE\Policies\Google => key removed successfully.
      HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
      HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Search Page => value removed successfully.
      HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page => value removed successfully.
      HKU\S-1-5-21-2830203645-438559757-2077044639-1000\Software\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
      HKU\S-1-5-21-2830203645-438559757-2077044639-1000\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
      HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
      HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{7DFE3436-ECB4-4538-89D2-B78A653C4937} => key removed successfully.
      HKLM\Software\Classes\CLSID\{7DFE3436-ECB4-4538-89D2-B78A653C4937} => key not found.
      HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} => key removed successfully.
      HKLM\Software\Classes\CLSID\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} => key not found.
      HKU\S-1-5-21-2830203645-438559757-2077044639-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully.
      HKU\S-1-5-21-2830203645-438559757-2077044639-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} => key removed successfully.
      HKLM\Software\Classes\CLSID\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} => key not found.
      HKU\S-1-5-21-2830203645-438559757-2077044639-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => value removed successfully.
      HKLM\Software\Classes\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => key removed successfully.
      HKLM\System\CurrentControlSet\Services\AppMgmt => key removed successfully.
      AppMgmt => service removed successfully.
      HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B1A00214-0E78-499E-A57B-A463C04FF149} => key removed successfully.
      HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B1A00214-0E78-499E-A57B-A463C04FF149} => key removed successfully.
      HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WPD\SqmUpload_S-1-5-21-2830203645-438559757-2077044639-500 => key removed successfully.
      HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C18E4892-0D02-47A4-9C0A-5CBBF8B58F45} => key removed successfully.
      HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C18E4892-0D02-47A4-9C0A-5CBBF8B58F45} => key removed successfully.
      HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{7EDEFC30-8E44-4786-AED0-79CA358B239A} => key removed successfully.
      HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C1C50198-C6B2-4CFA-8F83-5C17F3740F8F} => key removed successfully.
      HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C1C50198-C6B2-4CFA-8F83-5C17F3740F8F} => key removed successfully.
      HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{7DF6ABF8-25A9-433C-B4F0-5F702DD0E0D1} => key removed successfully.
      HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D050B50A-B354-47E2-8F4E-C8384F98BE73} => key removed successfully.
      HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D050B50A-B354-47E2-8F4E-C8384F98BE73} => key removed successfully.
      HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SidebarExecute => key removed successfully.
      HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E02B6CB6-9EE4-49FC-8CCD-21824D47A52D} => key removed successfully.
      HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E02B6CB6-9EE4-49FC-8CCD-21824D47A52D} => key removed successfully.
      HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Norton WSC Integration => key removed successfully.
      HKU\S-1-5-21-2830203645-438559757-2077044639-1000\Software\Classes\.scr => key removed successfully.
      HKU\S-1-5-21-2830203645-438559757-2077044639-1000\Software\Classes\.bat => key removed successfully.
      HKU\S-1-5-21-2830203645-438559757-2077044639-1000\Software\Classes\.com => key removed successfully.
      HKU\S-1-5-21-2830203645-438559757-2077044639-1000\Software\Classes\.cmd => key removed successfully.
      HKU\S-1-5-21-2830203645-438559757-2077044639-1000\Software\Classes\.reg => key removed successfully.

      ========= ipconfig /release =========


      Configuraci¢n IP de Windows


      Adaptador de LAN inal*mbrica Conexi¢n de red inal*mbrica 3:

      Sufijo DNS espec¡fico para la conexi¢n. . :
      Puerta de enlace predeterminada . . . . . :

      ========= End of CMD: =========


      ========= ipconfig /renew =========


      Configuraci¢n IP de Windows


      Adaptador de LAN inal*mbrica Conexi¢n de red inal*mbrica 3:

      Sufijo DNS espec¡fico para la conexi¢n. . : fio.unicen.edu.ar
      Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.114.235
      M*scara de subred . . . . . . . . . . . . : 255.255.255.0
      Puerta de enlace predeterminada . . . . . : 192.168.114.254

      ========= End of CMD: =========


      ========= ipconfig /flushdns =========


      Configuraci¢n IP de Windows

      Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

      ========= End of CMD: =========


      ========= ipconfig /registerdns =========


      Configuraci¢n IP de Windows

      Se inici¢ el registro de los registros de recursos DNS para todos
      los adaptadores de este equipo. Cualquier error se notificar* en
      el Visor de eventos en 15 minutos.

      ========= End of CMD: =========


      ========= RemoveProxy: =========

      HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => key removed successfully.
      HKU\S-1-5-21-2830203645-438559757-2077044639-1000\SOFTWARE\Policies\Microsoft\Internet Explorer => key removed successfully.
      HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully.
      HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully.
      HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully.
      HKU\S-1-5-21-2830203645-438559757-2077044639-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value removed successfully.
      HKU\S-1-5-21-2830203645-438559757-2077044639-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully.
      HKU\S-1-5-21-2830203645-438559757-2077044639-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully.


      ========= End of RemoveProxy: =========

      C:\Windows\System32\Drivers\etc\hosts => moved successfully
      Hosts restored successfully.

      =========== EmptyTemp: ==========

      BITS transfer queue => 8388608 B
      DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 46351236 B
      Java, Flash, Steam htmlcache => 35235133 B
      Windows/system/drivers => 175850952 B
      Edge => 0 B
      Chrome => 396821902 B
      Firefox => 0 B
      Opera => 0 B

      Temp, IE cache, history, cookies, recent:
      Users => 0 B
      Default => 0 B
      Public => 0 B
      ProgramData => 0 B
      systemprofile => 80878 B
      LocalService => 0 B
      NetworkService => 0 B
      camila => 55047611 B
      Invitado => 15615434 B

      RecycleBin => 95004 B
      EmptyTemp: => 699.5 MB temporary data Removed.

      ================================


      The system needed a reboot.

      ==== End of Fixlog 12:49:54 ====

      Sigue todo igual

    7. #17
      Moderador
      Avatar de @MiguelRiaguel
      Registrado
      dic 2008
      Ubicación
      España
      Mensajes
      12.064

      Re: Protección contra spyware y software no deseado desactivada

      Uffff que extraño Vamos a utilizar una herramienta de reparación como es Windows Repair (All In One).

      Esta herramienta tiene varios pasos (steps) para reparar windows. Yo te voy a recomendar que realices el Step4: System File Check para que compruebe los archivos de sistema y los repare en caso que sea necesario. Posteriormente, pulsas sobre la pestaña Repairs >> y pulsas sobre Open repairs. El programa realizará un backup automático del registro de tu sistema, y posteriormente accederas a la ventana de reparación:



      Importante que tengas seleccionadas todas las opciones (no recuerdo muy bien pero creo que tiene sobre 33 opciones; las que son específicamente de Windows 8 no son necesarias que las selecciones). Para iniciar la reparación pulsa en Star Repairs. Deja al programa que realice todas las acciones necesarias para la reparación y cuando finalice, reinicias el equipo. Compruebas resultados.

      Saludos.
      El problema de los virus es pasajero y durará un par de años / John McAfee - fundador de McAfee

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    8. #18
      Usuario Avatar de Camila06
      Registrado
      sep 2017
      Ubicación
      Argentina
      Mensajes
      12

      Re: Protección contra spyware y software no deseado desactivada

      Ahora dice: "no se puede iniciar el centro de seguridad de windows"

    9. #19
      Moderador
      Avatar de @MiguelRiaguel
      Registrado
      dic 2008
      Ubicación
      España
      Mensajes
      12.064

      Re: Protección contra spyware y software no deseado desactivada

      Por favor, comprueba los pasos marcados en el siguiente link: Mensaje de error: "No se puede iniciar el servicio Centro de seguridad"

      Me comentas
      El problema de los virus es pasajero y durará un par de años / John McAfee - fundador de McAfee

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    10. #20
      Usuario Avatar de Camila06
      Registrado
      sep 2017
      Ubicación
      Argentina
      Mensajes
      12

      Re: Protección contra spyware y software no deseado desactivada

      Ya lo comprobé, se produce el error 1068 al intentar iniciar el servicio